1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
/** |
4
|
|
|
* webtrees: online genealogy |
5
|
|
|
* Copyright (C) 2021 webtrees development team |
6
|
|
|
* This program is free software: you can redistribute it and/or modify |
7
|
|
|
* it under the terms of the GNU General Public License as published by |
8
|
|
|
* the Free Software Foundation, either version 3 of the License, or |
9
|
|
|
* (at your option) any later version. |
10
|
|
|
* This program is distributed in the hope that it will be useful, |
11
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
12
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
13
|
|
|
* GNU General Public License for more details. |
14
|
|
|
* You should have received a copy of the GNU General Public License |
15
|
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>. |
16
|
|
|
*/ |
17
|
|
|
|
18
|
|
|
declare(strict_types=1); |
19
|
|
|
|
20
|
|
|
namespace Fisharebest\Webtrees; |
21
|
|
|
|
22
|
|
|
use Closure; |
23
|
|
|
use Fisharebest\Webtrees\Http\Exceptions\HttpBadRequestException; |
24
|
|
|
use LogicException; |
25
|
|
|
use Psr\Http\Message\ServerRequestInterface; |
26
|
|
|
|
27
|
|
|
use function array_reduce; |
28
|
|
|
use function ctype_digit; |
29
|
|
|
use function is_array; |
30
|
|
|
use function is_int; |
31
|
|
|
use function is_string; |
32
|
|
|
use function parse_url; |
33
|
|
|
use function preg_match; |
34
|
|
|
use function str_starts_with; |
35
|
|
|
|
36
|
|
|
/** |
37
|
|
|
* Validate a parameter from an HTTP request |
38
|
|
|
*/ |
39
|
|
|
class Validator |
40
|
|
|
{ |
41
|
|
|
/** @var array<string|array<string>> */ |
42
|
|
|
private array $parameters; |
43
|
|
|
|
44
|
|
|
/** @var array<Closure> */ |
45
|
|
|
private array $rules = []; |
46
|
|
|
|
47
|
|
|
/** |
48
|
|
|
* @param array<string|array<string>> $parameters |
49
|
|
|
*/ |
50
|
|
|
public function __construct(array $parameters) |
51
|
|
|
{ |
52
|
|
|
$this->parameters = $parameters; |
53
|
|
|
} |
54
|
|
|
|
55
|
|
|
/** |
56
|
|
|
* @param ServerRequestInterface $request |
57
|
|
|
* |
58
|
|
|
* @return self |
59
|
|
|
*/ |
60
|
|
|
public static function parsedBody(ServerRequestInterface $request): self |
61
|
|
|
{ |
62
|
|
|
return new self((array) $request->getParsedBody()); |
63
|
|
|
} |
64
|
|
|
|
65
|
|
|
/** |
66
|
|
|
* @param ServerRequestInterface $request |
67
|
|
|
* |
68
|
|
|
* @return self |
69
|
|
|
*/ |
70
|
|
|
public static function queryParams(ServerRequestInterface $request): self |
71
|
|
|
{ |
72
|
|
|
return new self($request->getQueryParams()); |
73
|
|
|
} |
74
|
|
|
|
75
|
|
|
/** |
76
|
|
|
* @param int $minimum |
77
|
|
|
* @param int $maximum |
78
|
|
|
* |
79
|
|
|
* @return self |
80
|
|
|
*/ |
81
|
|
|
public function isBetween(int $minimum, int $maximum): self |
82
|
|
|
{ |
83
|
|
|
$this->rules[] = static function (?int $value) use ($minimum, $maximum): ?int { |
84
|
|
|
if (is_int($value) && $value >= $minimum && $value <= $maximum) { |
85
|
|
|
return $value; |
86
|
|
|
} |
87
|
|
|
|
88
|
|
|
return null; |
89
|
|
|
}; |
90
|
|
|
|
91
|
|
|
return $this; |
92
|
|
|
} |
93
|
|
|
|
94
|
|
|
/** |
95
|
|
|
* @param string $base_url |
96
|
|
|
* |
97
|
|
|
* @return $this |
98
|
|
|
*/ |
99
|
|
|
public function isLocalUrl(string $base_url): self |
100
|
|
|
{ |
101
|
|
|
$this->rules[] = static function (?string $value) use ($base_url): ?string { |
102
|
|
|
if (is_string($value)) { |
103
|
|
|
$value_info = parse_url($value); |
104
|
|
|
$base_url_info = parse_url($base_url); |
105
|
|
|
|
106
|
|
|
if (!is_array($base_url_info)) { |
|
|
|
|
107
|
|
|
throw new LogicException(__METHOD__ . ' needs a valid URL'); |
108
|
|
|
} |
109
|
|
|
|
110
|
|
|
if (is_array($value_info)) { |
|
|
|
|
111
|
|
|
$scheme_ok = ($value_info['scheme'] ?? 'http') === ($base_url_info['scheme'] ?? 'http'); |
112
|
|
|
$host_ok = ($value_info['host'] ?? '') === ($base_url_info['host'] ?? ''); |
113
|
|
|
$port_ok = ($value_info['port'] ?? '') === ($base_url_info['port'] ?? ''); |
114
|
|
|
$user_ok = ($value_info['user'] ?? '') === ($base_url_info['user'] ?? ''); |
115
|
|
|
$path_ok = str_starts_with($value_info['path'] ?? '/', $base_url_info['path'] ?? '/'); |
116
|
|
|
|
117
|
|
|
if ($scheme_ok && $host_ok && $port_ok && $user_ok && $path_ok) { |
118
|
|
|
return $value; |
119
|
|
|
} |
120
|
|
|
} |
121
|
|
|
} |
122
|
|
|
|
123
|
|
|
return null; |
124
|
|
|
}; |
125
|
|
|
|
126
|
|
|
return $this; |
127
|
|
|
} |
128
|
|
|
|
129
|
|
|
/** |
130
|
|
|
* @return $this |
131
|
|
|
*/ |
132
|
|
|
public function isXref(): self |
133
|
|
|
{ |
134
|
|
|
$this->rules[] = static function (?string $value): ?string { |
135
|
|
|
if (is_string($value) && preg_match('/^' . Gedcom::REGEX_XREF . '$/', $value) === 1) { |
136
|
|
|
return $value; |
137
|
|
|
} |
138
|
|
|
|
139
|
|
|
return null; |
140
|
|
|
}; |
141
|
|
|
|
142
|
|
|
return $this; |
143
|
|
|
} |
144
|
|
|
|
145
|
|
|
/** |
146
|
|
|
* @param string $parameter |
147
|
|
|
* |
148
|
|
|
* @return array<string>|null |
149
|
|
|
*/ |
150
|
|
|
public function array(string $parameter): ?array |
151
|
|
|
{ |
152
|
|
|
$value = $this->parameters[$parameter] ?? null; |
153
|
|
|
|
154
|
|
|
if (!is_array($value)) { |
155
|
|
|
$value = null; |
156
|
|
|
} |
157
|
|
|
|
158
|
|
|
$callback = static fn (?array $value, Closure $rule): ?array => $rule($value); |
159
|
|
|
|
160
|
|
|
return array_reduce($this->rules, $callback, $value); |
161
|
|
|
} |
162
|
|
|
|
163
|
|
|
/** |
164
|
|
|
* @param string $parameter |
165
|
|
|
* |
166
|
|
|
* @return int|null |
167
|
|
|
*/ |
168
|
|
|
public function integer(string $parameter): ?int |
169
|
|
|
{ |
170
|
|
|
$value = $this->parameters[$parameter] ?? null; |
171
|
|
|
|
172
|
|
|
if (is_string($value) && ctype_digit($value)) { |
173
|
|
|
$value = (int) $value; |
174
|
|
|
} else { |
175
|
|
|
$value = null; |
176
|
|
|
} |
177
|
|
|
|
178
|
|
|
$callback = static fn (?int $value, Closure $rule): ?int => $rule($value); |
179
|
|
|
|
180
|
|
|
return array_reduce($this->rules, $callback, $value); |
181
|
|
|
} |
182
|
|
|
|
183
|
|
|
/** |
184
|
|
|
* @param string $parameter |
185
|
|
|
* |
186
|
|
|
* @return string|null |
187
|
|
|
*/ |
188
|
|
|
public function string(string $parameter): ?string |
189
|
|
|
{ |
190
|
|
|
$value = $this->parameters[$parameter] ?? null; |
191
|
|
|
|
192
|
|
|
if (!is_string($value)) { |
193
|
|
|
$value = null; |
194
|
|
|
} |
195
|
|
|
|
196
|
|
|
$callback = static fn (?string $value, Closure $rule): ?string => $rule($value); |
197
|
|
|
|
198
|
|
|
return array_reduce($this->rules, $callback, $value); |
199
|
|
|
} |
200
|
|
|
|
201
|
|
|
/** |
202
|
|
|
* @param string $parameter |
203
|
|
|
* |
204
|
|
|
* @return array<string> |
205
|
|
|
*/ |
206
|
|
|
public function requiredArray(string $parameter): array |
207
|
|
|
{ |
208
|
|
|
$value = $this->array($parameter); |
209
|
|
|
|
210
|
|
|
if ($value === null) { |
211
|
|
|
throw new HttpBadRequestException(I18N::translate('The parameter “%s” is missing.', $parameter)); |
212
|
|
|
} |
213
|
|
|
|
214
|
|
|
return $value; |
215
|
|
|
} |
216
|
|
|
|
217
|
|
|
/** |
218
|
|
|
* @param string $parameter |
219
|
|
|
* |
220
|
|
|
* @return int |
221
|
|
|
*/ |
222
|
|
|
public function requiredInteger(string $parameter): int |
223
|
|
|
{ |
224
|
|
|
$value = $this->integer($parameter); |
225
|
|
|
|
226
|
|
|
if ($value === null) { |
227
|
|
|
throw new HttpBadRequestException(I18N::translate('The parameter “%s” is missing.', $parameter)); |
228
|
|
|
} |
229
|
|
|
|
230
|
|
|
return $value; |
231
|
|
|
} |
232
|
|
|
|
233
|
|
|
/** |
234
|
|
|
* @param string $parameter |
235
|
|
|
* |
236
|
|
|
* @return string |
237
|
|
|
*/ |
238
|
|
|
public function requiredString(string $parameter): string |
239
|
|
|
{ |
240
|
|
|
$value = $this->string($parameter); |
241
|
|
|
|
242
|
|
|
if ($value === null) { |
243
|
|
|
throw new HttpBadRequestException(I18N::translate('The parameter “%s” is missing.', $parameter)); |
244
|
|
|
} |
245
|
|
|
|
246
|
|
|
return $value; |
247
|
|
|
} |
248
|
|
|
} |
249
|
|
|
|