[ Index ] |
PHP Cross Reference of Joomla 4.2.2 documentation |
[Summary view] [Print] [Text view]
1 <?php 2 3 /** 4 * Joomla! Content Management System 5 * 6 * @copyright (C) 2019 Open Source Matters, Inc. <https://www.joomla.org> 7 * @license GNU General Public License version 2 or later; see LICENSE.txt 8 */ 9 10 namespace Joomla\CMS\Form\Filter; 11 12 use Joomla\CMS\Filter\InputFilter; 13 use Joomla\CMS\Form\Form; 14 use Joomla\CMS\Form\FormFilterInterface; 15 use Joomla\CMS\String\PunycodeHelper; 16 use Joomla\CMS\Uri\Uri; 17 use Joomla\Registry\Registry; 18 19 // phpcs:disable PSR1.Files.SideEffects 20 \defined('JPATH_PLATFORM') or die; 21 // phpcs:enable PSR1.Files.SideEffects 22 23 /** 24 * Form Filter class for URLs 25 * 26 * @since 4.0.0 27 */ 28 class UrlFilter implements FormFilterInterface 29 { 30 /** 31 * Method to filter a field value. 32 * 33 * @param \SimpleXMLElement $element The SimpleXMLElement object representing the `<field>` tag for the form field object. 34 * @param mixed $value The form field value to validate. 35 * @param string $group The field name group control value. This acts as an array container for the field. 36 * For example if the field has name="foo" and the group value is set to "bar" then the 37 * full field name would end up being "bar[foo]". 38 * @param Registry $input An optional Registry object with the entire data set to validate against the entire form. 39 * @param Form $form The form object for which the field is being tested. 40 * 41 * @return mixed The filtered value. 42 * 43 * @since 4.0.0 44 */ 45 public function filter(\SimpleXMLElement $element, $value, $group = null, Registry $input = null, Form $form = null) 46 { 47 if (empty($value)) { 48 return false; 49 } 50 51 // This cleans some of the more dangerous characters but leaves special characters that are valid. 52 $value = InputFilter::getInstance()->clean($value, 'html'); 53 $value = trim($value); 54 55 // <>" are never valid in a uri see https://www.ietf.org/rfc/rfc1738.txt 56 $value = str_replace(array('<', '>', '"'), '', $value); 57 58 // Check for a protocol 59 $protocol = parse_url($value, PHP_URL_SCHEME); 60 61 // If there is no protocol and the relative option is not specified, 62 // we assume that it is an external URL and prepend http:// 63 if ( 64 ((string) $element['type'] === 'url' && !$protocol && !$element['relative']) 65 || (!(string) $element['type'] === 'url' && !$protocol) 66 ) { 67 $protocol = 'http'; 68 69 // If it looks like an internal link, then add the root. 70 if (substr($value, 0, 9) === 'index.php') { 71 $value = Uri::root() . $value; 72 } else { 73 // Otherwise we treat it as an external link. 74 // Put the url back together. 75 $value = $protocol . '://' . $value; 76 } 77 } elseif (!$protocol && $element['relative']) { 78 // If relative URLS are allowed we assume that URLs without protocols are internal. 79 $host = Uri::getInstance('SERVER')->getHost(); 80 81 // If it starts with the host string, just prepend the protocol. 82 if (substr($value, 0) === $host) { 83 $value = 'http://' . $value; 84 } elseif (substr($value, 0, 1) !== '/') { 85 // Otherwise if it doesn't start with "/" prepend the prefix of the current site. 86 $value = Uri::root(true) . '/' . $value; 87 } 88 } 89 90 $value = PunycodeHelper::urlToPunycode($value); 91 92 return $value; 93 } 94 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Wed Sep 7 05:41:13 2022 | Chilli.vc Blog - For Webmaster,Blog-Writer,System Admin and Domainer |