From: Hypolite Petovan Date: Sun, 17 Dec 2017 00:23:22 +0000 (-0500) Subject: Make validate_url more intuitive X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=1724dd3841d61442b065758049e4568598bcd752;p=friendica.git Make validate_url more intuitive - Remove the parameter passed by reference - Add modified url in return value --- diff --git a/include/identity.php b/include/identity.php index 79bfe3830b..9c315efbde 100644 --- a/include/identity.php +++ b/include/identity.php @@ -932,11 +932,12 @@ function get_my_url() function zrl_init(App $a) { - $tmp_str = get_my_url(); - if (validate_url($tmp_str)) { + $my_url = get_my_url(); + $my_url = validate_url($my_url); + if ($my_url) { // Is it a DDoS attempt? // The check fetches the cached value from gprobe to reduce the load for this system - $urlparts = parse_url($tmp_str); + $urlparts = parse_url($my_url); $result = Cache::get("gprobe:" . $urlparts["host"]); if ((!is_null($result)) && (in_array($result["network"], array(NETWORK_FEED, NETWORK_PHANTOM)))) { @@ -944,8 +945,8 @@ function zrl_init(App $a) return; } - Worker::add(PRIORITY_LOW, 'GProbe', $tmp_str); - $arr = array('zrl' => $tmp_str, 'url' => $a->cmd); + Worker::add(PRIORITY_LOW, 'GProbe', $my_url); + $arr = array('zrl' => $my_url, 'url' => $a->cmd); call_hooks('zrl_init', $arr); } } diff --git a/include/network.php b/include/network.php index 16c8185e1a..be5519d5c6 100644 --- a/include/network.php +++ b/include/network.php @@ -470,26 +470,28 @@ function http_status_exit($val, $description = array()) * and check DNS to see if it's real (or check if is a valid IP address) * * @param string $url The URL to be validated - * @return boolean True if it's a valid URL, fals if something wrong with it + * @return string|boolean The actual working URL, false else */ -function validate_url(&$url) +function validate_url($url) { if (Config::get('system', 'disable_url_validation')) { - return true; + return $url; } // no naked subdomains (allow localhost for tests) - if (strpos($url, '.') === false && strpos($url, '/localhost/') === false) + if (strpos($url, '.') === false && strpos($url, '/localhost/') === false) { return false; + } - if (substr($url, 0, 4) != 'http') + if (substr($url, 0, 4) != 'http') { $url = 'http://' . $url; + } - /// @TODO Really supress function outcomes? Why not find them + debug them? + /// @TODO Really suppress function outcomes? Why not find them + debug them? $h = @parse_url($url); if ((is_array($h)) && (dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR) || filter_var($h['host'], FILTER_VALIDATE_IP) )) { - return true; + return $url; } return false; diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index ec67586561..04ed71a6b4 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -377,7 +377,8 @@ function dfrn_request_post(App $a) { ); } else { - if (! validate_url($url)) { + $url = validate_url($url); + if (! $url) { notice( t('Invalid profile URL.') . EOL); goaway(System::baseUrl() . '/' . $a->cmd); return; // NOTREACHED diff --git a/mod/settings.php b/mod/settings.php index e3d650e089..f9482289d7 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -537,10 +537,9 @@ function settings_post(App $a) { // If openid has changed or if there's an openid but no openidserver, try and discover it. if ($openid != $a->user['openid'] || (strlen($openid) && (!strlen($openidserver)))) { - $tmp_str = $openid; - if (strlen($tmp_str) && validate_url($tmp_str)) { + if (strlen($tmp_str) && validate_url($openid)) { logger('updating openidserver'); - require_once('library/openid.php'); + require_once 'library/openid.php'; $open_id_obj = new LightOpenID; $open_id_obj->identity = $openid; $openidserver = $open_id_obj->discover($open_id_obj->identity); diff --git a/src/Model/User.php b/src/Model/User.php index f487de7661..99222f5229 100644 --- a/src/Model/User.php +++ b/src/Model/User.php @@ -198,8 +198,6 @@ class User $password = $password1; } - $tmp_str = $openid_url; - if ($using_invites) { if (!$invite_id) { throw new Exception(t('An invitation is required.')); @@ -212,7 +210,7 @@ class User if (!x($username) || !x($email) || !x($nickname)) { if ($openid_url) { - if (!validate_url($tmp_str)) { + if (!validate_url($openid_url)) { throw new Exception(t('Invalid OpenID url')); } $_SESSION['register'] = 1; @@ -235,7 +233,7 @@ class User throw new Exception(t('Please enter the required information.')); } - if (!validate_url($tmp_str)) { + if (!validate_url($openid_url)) { $openid_url = ''; }