github/torrentpier
1
0
Fork 0
mirror of https://github.com/torrentpier/torrentpier synced 2025-08-14 18:48:21 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Refactored Validate class (#646)

Browse source 
* Refactored Validate class

* Fixed undefined variables

* Moved check for empty
This commit is contained in:
Roman Kelesidis 2023-03-20 17:08:34 +07:00 committed by GitHub
commit 8cbe09027a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 35 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

2
admin/admin_disallow.php
View file

@ -21,7 +21,7 @@ if (isset($_POST['add_name'])) {
if ($disallowed_user == '') {
bb_die($lang['FIELDS_EMPTY']);
}
if (\TorrentPier\Legacy\Validate::username($disallowed_user)) {
if (\TorrentPier\Validate::username($disallowed_user)) {
$message = $lang['DISALLOWED_ALREADY'];
} else {
$sql = 'INSERT INTO ' . BB_DISALLOW . " (disallow_username) VALUES('" . DB()->escape($disallowed_user) . "')";

4
library/ajax/edit_user_profile.php
View file

@ -26,7 +26,7 @@ $value = $this->request['value'] = (string)(isset($this->request['value'])) ? $t
switch ($field) {
case 'username':
$value = clean_username($value);
if ($err = \TorrentPier\Legacy\Validate::username($value)) {
if ($err = \TorrentPier\Validate::username($value)) {
$this->ajax_die(strip_tags($err));
}
$this->response['new_value'] = $this->request['value'];
@ -34,7 +34,7 @@ switch ($field) {
case 'user_email':
$value = htmlCHR($value);
if ($err = \TorrentPier\Legacy\Validate::email($value)) {
if ($err = \TorrentPier\Validate::email($value)) {
$this->ajax_die($err);
}
$this->response['new_value'] = $this->request['value'];

10
library/ajax/user_register.php
View file

@ -20,9 +20,7 @@ switch ($mode) {
case 'check_name':
$username = clean_username($this->request['username']);
if (empty($username)) {
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">' . $lang['CHOOSE_A_NAME'] . '</span>';
} elseif ($err = \TorrentPier\Legacy\Validate::username($username)) {
if ($err = \TorrentPier\Validate::username($username)) {
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">' . $err . '</span>';
}
break;
@ -30,9 +28,7 @@ switch ($mode) {
case 'check_email':
$email = (string)$this->request['email'];
if (empty($email)) {
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">' . $lang['CHOOSE_E_MAIL'] . '</span>';
} elseif ($err = \TorrentPier\Legacy\Validate::email($email)) {
if ($err = \TorrentPier\Validate::email($email)) {
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">' . $err . '</span>';
}
break;
@ -41,7 +37,7 @@ switch ($mode) {
$pass = (string)$this->request['pass'];
$pass_confirm = (string)$this->request['pass_confirm'];
if ($err = \TorrentPier\Legacy\Validate::password($pass, $pass_confirm)) {
if ($err = \TorrentPier\Validate::password($pass, $pass_confirm)) {
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">' . $err . '</span>';
} else {
$text = (IS_GUEST) ? $lang['CHOOSE_PASS_REG_OK'] : $lang['CHOOSE_PASS_OK'];

8
library/includes/ucp/register.php
View file

@ -180,7 +180,7 @@ foreach ($profile_fields as $field => $can_edit) {
$username = !empty($_POST['username']) ? clean_username($_POST['username']) : $pr_data['username'];
if ($submit) {
$err = \TorrentPier\Legacy\Validate::username($username);
$err = \TorrentPier\Validate::username($username);
if (!$errors and $err && $mode == 'register') {
$errors[] = $err;
}
@ -204,7 +204,7 @@ foreach ($profile_fields as $field => $can_edit) {
// пароль для гостя и при смене пароля юзером
if (!empty($new_pass)) {
if ($err = \TorrentPier\Legacy\Validate::password($new_pass, $cfm_pass)) {
if ($err = \TorrentPier\Validate::password($new_pass, $cfm_pass)) {
$errors[] = $err;
}
@ -236,7 +236,7 @@ foreach ($profile_fields as $field => $can_edit) {
if (empty($email)) {
$errors[] = $lang['CHOOSE_E_MAIL'];
}
if (!$errors and $err = \TorrentPier\Legacy\Validate::email($email)) {
if (!$errors and $err = \TorrentPier\Validate::email($email)) {
$errors[] = $err;
}
$db_data['user_email'] = $email;
@ -246,7 +246,7 @@ foreach ($profile_fields as $field => $can_edit) {
if (!$cur_pass_valid) {
$errors[] = $lang['CONFIRM_PASSWORD_EXPLAIN'];
}
if (!$errors and $err = \TorrentPier\Legacy\Validate::email($email)) {
if (!$errors and $err = \TorrentPier\Validate::email($email)) {
$errors[] = $err;
}
if ($bb_cfg['reg_email_activation']) {

1
src/Legacy/Post.php
View file

@ -11,6 +11,7 @@ namespace TorrentPier\Legacy;
use TorrentPier\Emailer;
use TorrentPier\Legacy\Admin\Common;
use TorrentPier\Validate;
/**
* Class Post

36
src/Legacy/Validate.php → src/Validate.php
View file

@ -7,7 +7,7 @@
* @license https://github.com/torrentpier/torrentpier/blob/master/LICENSE MIT License
*/
namespace TorrentPier\Legacy;
namespace TorrentPier;
use Egulias\EmailValidator\EmailValidator;
use Egulias\EmailValidator\Validation\DNSCheckValidation;
@ -18,7 +18,7 @@ use Egulias\EmailValidator\Validation\Extra\SpoofCheckValidation;
/**
* Class Validate
* @package TorrentPier\Legacy
* @package TorrentPier
*/
class Validate
{
@ -30,12 +30,17 @@ class Validate
*
* @return bool|string
*/
public static function username($username, $check_ban_and_taken = true)
public static function username(string $username, bool $check_ban_and_taken = true)
{
global $user, $lang;
static $name_chars = 'a-z0-9а-яё_@$%^&;(){}\#\-\'.:+ ';
// Check for empty
if (empty($username)) {
return $lang['CHOOSE_A_NAME'];
}
$username = str_compact($username);
$username = clean_username($username);
@ -61,17 +66,16 @@ class Validate
}
}
if ($check_ban_and_taken) {
// Занято
// Check taken
$username_sql = DB()->escape($username);
if ($row = DB()->fetch_row("SELECT username FROM " . BB_USERS . " WHERE username = '$username_sql' LIMIT 1")) {
if ((!IS_GUEST && $row['username'] != $user->name) || IS_GUEST) {
return $lang['USERNAME_TAKEN'];
}
}
// Запрещено
$banned_names = [];
// Check banned
$banned_names = [];
foreach (DB()->fetch_rowset("SELECT disallow_username FROM " . BB_DISALLOW . " ORDER BY NULL") as $row) {
$banned_names[] = str_replace('\*', '.*?', preg_quote($row['disallow_username'], '#u'));
}
@ -93,13 +97,21 @@ class Validate
*
* @return bool|string
*/
public static function email($email, $check_ban_and_taken = true)
public static function email(string $email, bool $check_ban_and_taken = true)
{
global $lang, $userdata, $bb_cfg;
if (!$email || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
// Check for empty
if (empty($email)) {
return $lang['CHOOSE_E_MAIL'];
}
// Basic email validate
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
return $lang['EMAIL_INVALID'];
}
// Check max length
if (\strlen($email) > USEREMAIL_MAX_LENGTH) {
return $lang['EMAIL_TOO_LONG'];
}
@ -121,8 +133,8 @@ class Validate
}
if ($check_ban_and_taken) {
// Check banned
$banned_emails = [];
foreach (DB()->fetch_rowset("SELECT ban_email FROM " . BB_BANLIST . " ORDER BY NULL") as $row) {
$banned_emails[] = str_replace('\*', '.*?', preg_quote($row['ban_email'], '#'));
}
@ -132,8 +144,8 @@ class Validate
}
}
// Check taken
$email_sql = DB()->escape($email);
if ($row = DB()->fetch_row("SELECT `user_email` FROM " . BB_USERS . " WHERE user_email = '$email_sql' LIMIT 1")) {
if ($row['user_email'] == $userdata['user_email']) {
return false;
@ -159,7 +171,7 @@ class Validate
global $lang;
// Check for empty
if (empty($pass) || empty($pass_confirm)) {
if (empty($password) || empty($password_confirm)) {
return $lang['CHOOSE_PASS'];
}