diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2014-09-24 12:25:57 +0200 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@gmx.de> | 2014-09-24 12:25:57 +0200 |
| commit | f3fef8934ee1614bc158c05699e57f0ba8a3fcb6 (patch) | |
| tree | dc0f45799152565dcb5bb1b399118c46888e5746 | |
| parent | 43279ee0103c7d26e1755ccdd353d6af2f38491b (diff) | |
| parent | c20b658f708f7ec65b845d554f579adb874d179f (diff) | |
| download | forums-f3fef8934ee1614bc158c05699e57f0ba8a3fcb6.tar forums-f3fef8934ee1614bc158c05699e57f0ba8a3fcb6.tar.gz forums-f3fef8934ee1614bc158c05699e57f0ba8a3fcb6.tar.bz2 forums-f3fef8934ee1614bc158c05699e57f0ba8a3fcb6.tar.xz forums-f3fef8934ee1614bc158c05699e57f0ba8a3fcb6.zip | |
Merge pull request #2954 from rxu/ticket/13055
[ticket/13055] Fix string profile fields validation to support unicode
| -rw-r--r-- | phpBB/language/en/acp/profile.php | 6 | ||||
| -rw-r--r-- | phpBB/language/en/ucp.php | 5 | ||||
| -rw-r--r-- | phpBB/phpbb/db/migration/data/v310/profilefield_field_validation_length.php | 90 | ||||
| -rw-r--r-- | phpBB/phpbb/profilefields/type/type_string_common.php | 9 | ||||
| -rw-r--r-- | tests/profilefields/type_string_test.php | 49 |
5 files changed, 157 insertions, 2 deletions
diff --git a/phpBB/language/en/acp/profile.php b/phpBB/language/en/acp/profile.php index d27deed602..5972f8a18e 100644 --- a/phpBB/language/en/acp/profile.php +++ b/phpBB/language/en/acp/profile.php @@ -119,6 +119,12 @@ $lang = array_merge($lang, array( 'LANG_SPECIFIC_OPTIONS' => 'Language specific options [<strong>%s</strong>]', + 'LETTER_NUM_DOTS' => 'Any letters, numbers and dots (periods)', + 'LETTER_NUM_ONLY' => 'Any letters and numbers', + 'LETTER_NUM_PUNCTUATION' => 'Any letters, numbers, comma, dots, underscores and dashes beginning with any letter', + 'LETTER_NUM_SPACERS' => 'Any letters, numbers and spacers', + 'LETTER_NUM_UNDERSCORE' => 'Any letters, numbers and underscores', + 'MAX_FIELD_CHARS' => 'Maximum number of characters', 'MAX_FIELD_NUMBER' => 'Highest allowed number', 'MIN_FIELD_CHARS' => 'Minimum number of characters', diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index d692828bd7..101292e171 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -214,6 +214,11 @@ $lang = array_merge($lang, array( 'FIELD_INVALID_CHARS_ALPHA_PUNCTUATION' => 'The field “%s” has invalid characters, only alphanumeric or _,-. characters are allowed and the first character must be alphabetic.', 'FIELD_INVALID_CHARS_ALPHA_SPACERS' => 'The field “%s” has invalid characters, only alphanumeric, space or -+_[] characters are allowed.', 'FIELD_INVALID_CHARS_ALPHA_UNDERSCORE' => 'The field “%s” has invalid characters, only alphanumeric or _ characters are allowed.', + 'FIELD_INVALID_CHARS_LETTER_NUM_DOTS' => 'The field “%s” has invalid characters, only letter, number or . characters are allowed.', + 'FIELD_INVALID_CHARS_LETTER_NUM_ONLY' => 'The field “%s” has invalid characters, only letter and number characters are allowed.', + 'FIELD_INVALID_CHARS_LETTER_NUM_PUNCTUATION' => 'The field “%s” has invalid characters, only letter, number or _,-. characters are allowed and the first character must be alphabetic.', + 'FIELD_INVALID_CHARS_LETTER_NUM_SPACERS' => 'The field “%s” has invalid characters, only letter, number, space or -+_[] characters are allowed.', + 'FIELD_INVALID_CHARS_LETTER_NUM_UNDERSCORE' => 'The field “%s” has invalid characters, only letter, number or _ characters are allowed.', 'FIELD_INVALID_DATE' => 'The field “%s” has an invalid date.', 'FIELD_INVALID_URL' => 'The field “%s” has an invalid url.', 'FIELD_INVALID_VALUE' => 'The field “%s” has an invalid value.', diff --git a/phpBB/phpbb/db/migration/data/v310/profilefield_field_validation_length.php b/phpBB/phpbb/db/migration/data/v310/profilefield_field_validation_length.php new file mode 100644 index 0000000000..c7d8b2dc91 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v310/profilefield_field_validation_length.php @@ -0,0 +1,90 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v310; + +class profilefield_field_validation_length extends \phpbb\db\migration\migration +{ + protected $validation_options_old = array( + 'ALPHA_SPACERS' => '[\w_\+\. \-\[\]]+', + ); + + protected $validation_options_new = array( + 'ALPHA_SPACERS' => '[\w\x20_+\-\[\]]+', + ); + + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v310\rc3', + ); + } + + public function update_schema() + { + return array( + 'change_columns' => array( + $this->table_prefix . 'profile_fields' => array( + 'field_validation' => array('VCHAR_UNI:64', ''), + ), + ), + ); + } + + public function revert_schema() + { + return array( + 'change_columns' => array( + $this->table_prefix . 'profile_fields' => array( + 'field_validation' => array('VCHAR_UNI:20', ''), + ), + ), + ); + } + + public function update_data() + { + return array( + array('custom', array(array($this, 'update_profile_fields_validation'))), + ); + } + + public function revert_data() + { + return array( + array('custom', array(array($this, 'revert_profile_fields_validation'))), + ); + } + + public function update_profile_fields_validation() + { + foreach ($this->validation_options_new as $validation_type => $regex) + { + $sql = 'UPDATE ' . $this->table_prefix . "profile_fields + SET field_validation = '" . $this->db->sql_escape($this->validation_options_new[$validation_type]) . "' + WHERE field_validation = '" . $this->db->sql_escape($this->validation_options_old[$validation_type]) . "'"; + $this->sql_query($sql); + } + } + + public function revert_profile_fields_validation() + { + foreach ($this->validation_options_new as $validation_type => $regex) + { + $sql = 'UPDATE ' . $this->table_prefix . "profile_fields + SET field_validation = '" . $this->db->sql_escape($this->validation_options_old[$validation_type]) . "' + WHERE field_validation = '" . $this->db->sql_escape($this->validation_options_new[$validation_type]) . "'"; + $this->sql_query($sql); + } + } +} diff --git a/phpBB/phpbb/profilefields/type/type_string_common.php b/phpBB/phpbb/profilefields/type/type_string_common.php index 0eaf7e527d..ff33a7b49c 100644 --- a/phpBB/phpbb/profilefields/type/type_string_common.php +++ b/phpBB/phpbb/profilefields/type/type_string_common.php @@ -21,8 +21,13 @@ abstract class type_string_common extends type_base 'ALPHA_ONLY' => '[\w]+', 'ALPHA_UNDERSCORE' => '[\w_]+', 'ALPHA_DOTS' => '[\w.]+', - 'ALPHA_SPACERS' => '[\w_\+\. \-\[\]]+', + 'ALPHA_SPACERS' => '[\w\x20_+\-\[\]]+', 'ALPHA_PUNCTUATION' => '[a-zA-Z][\w\.,\-_]+', + 'LETTER_NUM_ONLY' => '[\p{Lu}\p{Ll}0-9]+', + 'LETTER_NUM_UNDERSCORE' => '[\p{Lu}\p{Ll}0-9_]+', + 'LETTER_NUM_DOTS' => '[\p{Lu}\p{Ll}0-9.]+', + 'LETTER_NUM_SPACERS' => '[\p{Lu}\p{Ll}0-9\x20_+\-\[\]]+', + 'LETTER_NUM_PUNCTUATION' => '[\p{Lu}\p{Ll}][\p{Lu}\p{Ll}0-9.,\-_]+', ); /** @@ -79,7 +84,7 @@ abstract class type_string_common extends type_base if (!empty($field_data['field_validation']) && $field_data['field_validation'] != '.*') { $field_validate = ($field_type != 'text') ? $field_value : bbcode_nl2br($field_value); - if (!preg_match('#^' . str_replace('\\\\', '\\', $field_data['field_validation']) . '$#i', $field_validate)) + if (!preg_match('#^' . str_replace('\\\\', '\\', $field_data['field_validation']) . '$#iu', $field_validate)) { $validation = array_search($field_data['field_validation'], $this->validation_options); if ($validation) diff --git a/tests/profilefields/type_string_test.php b/tests/profilefields/type_string_test.php index d5384e0ae8..a7be087fb5 100644 --- a/tests/profilefields/type_string_test.php +++ b/tests/profilefields/type_string_test.php @@ -167,6 +167,55 @@ class phpbb_profilefield_type_string_test extends phpbb_test_case 'FIELD_INVALID_CHARS_ALPHA_PUNCTUATION-field', 'Required field should reject field having invalid input for the given validation', ), + // UTF-8 string tests + array( + 'ö äö äö ä', + array('field_validation' => '[\p{Lu}\p{Ll}0-9]+'), + 'FIELD_INVALID_CHARS_LETTER_NUM_ONLY-field', + 'Required field should reject spaces in UTF-8 letternumeric only field', + ), + array( + 'Имя123', + array('field_validation' => '[\p{Lu}\p{Ll}0-9]+'), + false, + 'Required field should accept UTF-8 letternumeric only field', + ), + array( + 'Ö äö äö- ä+', + array('field_validation' => '[\p{Lu}\p{Ll}0-9_]+'), + 'FIELD_INVALID_CHARS_LETTER_NUM_UNDERSCORE-field', + 'Required field should reject spacers in UTF-8 letternumeric with underscore field', + ), + array( + 'Правильное.Имя123', + array('field_validation' => '[\p{Lu}\p{Ll}0-9.]+'), + false, + 'Required field should accept UTF-8 letternumeric field with dots', + ), + array( + 'Неправильное.,имя123', + array('field_validation' => '[\p{Lu}\p{Ll}0-9.]+'), + 'FIELD_INVALID_CHARS_LETTER_NUM_DOTS-field', + 'Required field should reject comma in UTF-8 letternumeric field with dots', + ), + array( + 'Ö äö äö- ä+', + array('field_validation' => '[\p{Lu}\p{Ll}0-9\x20_+\-\[\]]+'), + false, + 'Required field should accept spacers in UTF-8 letternumeric with spacers field', + ), + array( + 'skype.test.name,_this', + array('field_validation' => '[\p{Lu}\p{Ll}][\p{Lu}\p{Ll}0-9.,\-_]+'), + false, + 'Required field should accept alphanumeric value for UTF-8 letternumeric field with punctuations', + ), + array( + '1skype.this.should.fail', + array('field_validation' => '[\p{Lu}\p{Ll}][\p{Lu}\p{Ll}0-9.,\-_]+'), + 'FIELD_INVALID_CHARS_LETTER_NUM_PUNCTUATION-field', + 'Required field should reject field having leading numeric for UTF-8 letternumeric field with punctuations', + ), ); } |