aboutsummaryrefslogtreecommitdiff
path: root/lib/group_alias.php
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2014-03-16 21:01:00 -0300
committerSilvio Rhatto <rhatto@riseup.net>2014-03-16 21:01:00 -0300
commit046c84212fcb91df1fc6c2d66a4e893b890845b1 (patch)
tree47a0ca68d2ade1157bc3f43ecc4f476707f2b906 /lib/group_alias.php
downloadelgg-046c84212fcb91df1fc6c2d66a4e893b890845b1.tar.gz
elgg-046c84212fcb91df1fc6c2d66a4e893b890845b1.tar.bz2
Squashed 'mod/group_alias/' content from commit 1a3c9da
git-subtree-dir: mod/group_alias git-subtree-split: 1a3c9da3d7b9b002d28311fe75307ace8502463c
Diffstat (limited to 'lib/group_alias.php')
-rw-r--r--lib/group_alias.php84
1 files changed, 84 insertions, 0 deletions
diff --git a/lib/group_alias.php b/lib/group_alias.php
new file mode 100644
index 000000000..eb421e49e
--- /dev/null
+++ b/lib/group_alias.php
@@ -0,0 +1,84 @@
+<?php
+/**
+ * GroupAlias -- Shared Library
+ *
+ * @package Lorea
+ * @subpackage GroupAlias
+ *
+ * Copyright 2011-2013 Lorea Faeries <federation@lorea.org>
+ *
+ * This file is part of the GroupAlias plugin for Elgg.
+ *
+ * GroupAlias is free software: you can redistribute it and/or
+ * modify it under the terms of the GNU Affero General Public License
+ * as published by the Free Software Foundation, either version 3 of
+ * the License, or (at your option) any later version.
+ *
+ * GroupAlias is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this program. If not, see
+ * <http://www.gnu.org/licenses/>.
+ */
+
+/**
+ * Simple function which ensures that a group alias contains only valid characters.
+ *
+ * This should only permit chars that are valid on the file system as well.
+ *
+ * @param string $alias Group alias
+ *
+ * @return bool
+ * @throws RegistrationException on invalid
+ */
+function group_alias_validate($alias) {
+
+ // Basic, check length
+ $min_length = elgg_get_config('minusername', 4);
+ if (strlen($alias) < $min_length) {
+ $msg = elgg_echo('groups:alias:registration:usernametooshort', array($min_length));
+ throw new RegistrationException($msg);
+ }
+
+ // username in the database has a limit of 128 characters
+ if (strlen($alias) > 128) {
+ $msg = elgg_echo('groups:alias:registration:usernametoolong', array(128));
+ throw new RegistrationException($msg);
+ }
+
+ // Blacklist for bad characters (partially nicked from mediawiki)
+ $blacklist = '/[' .
+ '\x{0080}-\x{009f}' . // iso-8859-1 control chars
+ '\x{00a0}' . // non-breaking space
+ '\x{2000}-\x{200f}' . // various whitespace
+ '\x{2028}-\x{202f}' . // breaks and control chars
+ '\x{3000}' . // ideographic space
+ '\x{e000}-\x{f8ff}' . // private use
+ ']/u';
+
+ if (
+ preg_match($blacklist, $alias)
+ ) {
+ throw new RegistrationException(elgg_echo('groups:alias:registration:invalidctrlchars'));
+ }
+
+ // Belts and braces
+ // @todo Tidy into main unicode
+ //$blacklist2 = '\'/\\"*& ?#%^(){}[]~?<>;|¬`@-+=';
+ $blacklist2 = '\'/\\"*& ?#%^(){}[]~?<>;|¬`=';
+
+ for ($n = 0; $n < strlen($blacklist2); $n++) {
+ if (strpos($alias, $blacklist2[$n]) !== false) {
+ $msg = elgg_echo('groups:alias:registration:invalidchars', array($blacklist2[$n], $blacklist2));
+ $msg = htmlentities($msg, ENT_COMPAT, 'UTF-8');
+ throw new RegistrationException($msg);
+ }
+ }
+
+ $result = true;
+ return elgg_trigger_plugin_hook('group_alias:validate', 'all',
+ array('alias' => $alias), $result);
+}