UrlValidator.php 4.7 KB
Newer Older
w  
Qiang Xue committed
1 2 3
<?php
/**
 * @link http://www.yiiframework.com/
Qiang Xue committed
4
 * @copyright Copyright (c) 2008 Yii Software LLC
w  
Qiang Xue committed
5 6 7
 * @license http://www.yiiframework.com/license/
 */

w  
Qiang Xue committed
8 9
namespace yii\validators;

Qiang Xue committed
10
use Yii;
11
use yii\base\InvalidConfigException;
Qiang Xue committed
12
use yii\web\JsExpression;
13
use yii\helpers\Json;
Qiang Xue committed
14

w  
Qiang Xue committed
15
/**
w  
Qiang Xue committed
16
 * UrlValidator validates that the attribute value is a valid http or https URL.
w  
Qiang Xue committed
17
 *
Qiang Xue committed
18 19 20
 * Note that this validator only checks if the URL scheme and host part are correct.
 * It does not check the rest part of a URL.
 *
w  
Qiang Xue committed
21
 * @author Qiang Xue <qiang.xue@gmail.com>
w  
Qiang Xue committed
22
 * @since 2.0
w  
Qiang Xue committed
23
 */
w  
Qiang Xue committed
24
class UrlValidator extends Validator
w  
Qiang Xue committed
25
{
26 27 28 29 30 31 32 33 34
    /**
     * @var string the regular expression used to validate the attribute value.
     * The pattern may contain a `{schemes}` token that will be replaced
     * by a regular expression which represents the [[validSchemes]].
     */
    public $pattern = '/^{schemes}:\/\/(([A-Z0-9][A-Z0-9_-]*)(\.[A-Z0-9][A-Z0-9_-]*)+)/i';
    /**
     * @var array list of URI schemes which should be considered valid. By default, http and https
     * are considered to be valid schemes.
35
     */
36 37 38 39 40
    public $validSchemes = ['http', 'https'];
    /**
     * @var string the default URI scheme. If the input doesn't contain the scheme part, the default
     * scheme will be prepended to it (thus changing the input). Defaults to null, meaning a URL must
     * contain the scheme part.
41
     */
42 43 44 45 46 47 48 49
    public $defaultScheme;
    /**
     * @var boolean whether validation process should take into account IDN (internationalized
     * domain names). Defaults to false meaning that validation of URLs containing IDN will always
     * fail. Note that in order to use IDN validation you have to install and enable `intl` PHP
     * extension, otherwise an exception would be thrown.
     */
    public $enableIDN = false;
w  
Qiang Xue committed
50

Qiang Xue committed
51

52 53 54 55 56 57 58 59 60 61 62 63 64
    /**
     * @inheritdoc
     */
    public function init()
    {
        parent::init();
        if ($this->enableIDN && !function_exists('idn_to_ascii')) {
            throw new InvalidConfigException('In order to use IDN validation intl extension must be installed and enabled.');
        }
        if ($this->message === null) {
            $this->message = Yii::t('yii', '{attribute} is not a valid URL.');
        }
    }
Qiang Xue committed
65

66 67 68 69 70 71 72 73 74 75 76 77 78
    /**
     * @inheritdoc
     */
    public function validateAttribute($object, $attribute)
    {
        $value = $object->$attribute;
        $result = $this->validateValue($value);
        if (!empty($result)) {
            $this->addError($object, $attribute, $result[0], $result[1]);
        } elseif ($this->defaultScheme !== null && strpos($value, '://') === false) {
            $object->$attribute = $this->defaultScheme . '://' . $value;
        }
    }
w  
Qiang Xue committed
79

80 81 82 83 84 85 86 87 88 89
    /**
     * @inheritdoc
     */
    protected function validateValue($value)
    {
        // make sure the length is limited to avoid DOS attacks
        if (is_string($value) && strlen($value) < 2000) {
            if ($this->defaultScheme !== null && strpos($value, '://') === false) {
                $value = $this->defaultScheme . '://' . $value;
            }
w  
Qiang Xue committed
90

91 92 93 94 95
            if (strpos($this->pattern, '{schemes}') !== false) {
                $pattern = str_replace('{schemes}', '(' . implode('|', $this->validSchemes) . ')', $this->pattern);
            } else {
                $pattern = $this->pattern;
            }
w  
Qiang Xue committed
96

97 98 99 100 101
            if ($this->enableIDN) {
                $value = preg_replace_callback('/:\/\/([^\/]+)/', function ($matches) {
                    return '://' . idn_to_ascii($matches[1]);
                }, $value);
            }
102

103 104 105 106
            if (preg_match($pattern, $value)) {
                return null;
            }
        }
w  
Qiang Xue committed
107

108 109
        return [$this->message, []];
    }
w  
Qiang Xue committed
110

111 112 113 114 115 116 117 118 119 120
    /**
     * @inheritdoc
     */
    public function clientValidateAttribute($object, $attribute, $view)
    {
        if (strpos($this->pattern, '{schemes}') !== false) {
            $pattern = str_replace('{schemes}', '(' . implode('|', $this->validSchemes) . ')', $this->pattern);
        } else {
            $pattern = $this->pattern;
        }
w  
Qiang Xue committed
121

122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142
        $options = [
            'pattern' => new JsExpression($pattern),
            'message' => Yii::$app->getI18n()->format($this->message, [
                'attribute' => $object->getAttributeLabel($attribute),
            ], Yii::$app->language),
            'enableIDN' => (boolean) $this->enableIDN,
        ];
        if ($this->skipOnEmpty) {
            $options['skipOnEmpty'] = 1;
        }
        if ($this->defaultScheme !== null) {
            $options['defaultScheme'] = $this->defaultScheme;
        }

        ValidationAsset::register($view);
        if ($this->enableIDN) {
            PunycodeAsset::register($view);
        }

        return 'yii.validation.url(value, messages, ' . Json::encode($options) . ');';
    }
w  
Qiang Xue committed
143
}