diff options
Diffstat (limited to 'phpBB/phpbb/extension/metadata_manager.php')
| -rw-r--r-- | phpBB/phpbb/extension/metadata_manager.php | 168 |
1 files changed, 82 insertions, 86 deletions
diff --git a/phpBB/phpbb/extension/metadata_manager.php b/phpBB/phpbb/extension/metadata_manager.php index 66cdb86513..4f080647c8 100644 --- a/phpBB/phpbb/extension/metadata_manager.php +++ b/phpBB/phpbb/extension/metadata_manager.php @@ -1,9 +1,13 @@ <?php /** * -* @package extension -* @copyright (c) 2012 phpBB Group -* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,8 +15,6 @@ namespace phpbb\extension; /** * The extension metadata manager validates and gets meta-data for extensions -* -* @package extension */ class metadata_manager { @@ -63,8 +65,8 @@ class metadata_manager * * @param string $ext_name Name (including vendor) of the extension * @param \phpbb\config\config $config phpBB Config instance - * @param \phpbb\extension\manager $extension_manager An instance of the phpBBb extension manager - * @param \phpbb\template\template $template phpBB Template instance + * @param \phpbb\extension\manager $extension_manager An instance of the phpBB extension manager + * @param \phpbb\template\template $template phpBB Template instance * @param string $phpbb_root_path Path to the phpbb includes directory. */ public function __construct($ext_name, \phpbb\config\config $config, \phpbb\extension\manager $extension_manager, \phpbb\template\template $template, $phpbb_root_path) @@ -80,11 +82,11 @@ class metadata_manager } /** - * Processes and gets the metadata requested - * - * @param string $element All for all metadata that it has and is valid, otherwise specify which section you want by its shorthand term. - * @return array Contains all of the requested metadata, throws an exception on failure - */ + * Processes and gets the metadata requested + * + * @param string $element All for all metadata that it has and is valid, otherwise specify which section you want by its shorthand term. + * @return array Contains all of the requested metadata, throws an exception on failure + */ public function get_metadata($element = 'all') { $this->set_metadata_file(); @@ -126,10 +128,10 @@ class metadata_manager } /** - * Sets the filepath of the metadata file - * - * @return boolean Set to true if it exists, throws an exception on failure - */ + * Sets the filepath of the metadata file + * + * @throws \phpbb\extension\exception + */ private function set_metadata_file() { $ext_filepath = $this->extension_manager->get_extension_path($this->ext_name); @@ -139,33 +141,35 @@ class metadata_manager if (!file_exists($this->metadata_file)) { - throw new \phpbb\extension\exception('The required file does not exist: ' . $this->metadata_file); + throw new \phpbb\extension\exception('FILE_NOT_FOUND', array($this->metadata_file)); } } /** - * Gets the contents of the composer.json file - * - * @return bool True if success, throws an exception on failure - */ + * Gets the contents of the composer.json file + * + * @return bool True if success, throws an exception on failure + * @throws \phpbb\extension\exception + */ private function fetch_metadata() { if (!file_exists($this->metadata_file)) { - throw new \phpbb\extension\exception('The required file does not exist: ' . $this->metadata_file); + throw new \phpbb\extension\exception('FILE_NOT_FOUND', array($this->metadata_file)); } else { if (!($file_contents = file_get_contents($this->metadata_file))) { - throw new \phpbb\extension\exception('file_get_contents failed on ' . $this->metadata_file); + throw new \phpbb\extension\exception('FILE_CONTENT_ERR', array($this->metadata_file)); } if (($metadata = json_decode($file_contents, true)) === null) { - throw new \phpbb\extension\exception('json_decode failed on ' . $this->metadata_file); + throw new \phpbb\extension\exception('FILE_JSON_DECODE_ERR', array($this->metadata_file)); } + array_walk_recursive($metadata, array($this, 'sanitize_json')); $this->metadata = $metadata; return true; @@ -173,10 +177,21 @@ class metadata_manager } /** - * This array handles the cleaning of the array + * Sanitize input from JSON array using htmlspecialchars() * - * @return array Contains the cleaned metadata array + * @param mixed $value Value of array row + * @param string $key Key of array row */ + public function sanitize_json(&$value, $key) + { + $value = htmlspecialchars($value); + } + + /** + * This array handles the cleaning of the array + * + * @return array Contains the cleaned metadata array + */ private function clean_metadata_array() { return $this->metadata; @@ -189,6 +204,7 @@ class metadata_manager * "display" for name, type, and authors * "name", "type") * @return Bool True if valid, throws an exception if invalid + * @throws \phpbb\extension\exception */ public function validate($name = 'display') { @@ -196,7 +212,7 @@ class metadata_manager $fields = array( 'name' => '#^[a-zA-Z0-9_\x7f-\xff]{2,}/[a-zA-Z0-9_\x7f-\xff]{2,}$#', 'type' => '#^phpbb-extension$#', - 'licence' => '#.+#', + 'license' => '#.+#', 'version' => '#.+#', ); @@ -222,12 +238,12 @@ class metadata_manager { if (!isset($this->metadata[$name])) { - throw new \phpbb\extension\exception("Required meta field '$name' has not been set."); + throw new \phpbb\extension\exception('META_FIELD_NOT_SET', array($name)); } if (!preg_match($fields[$name], $this->metadata[$name])) { - throw new \phpbb\extension\exception("Meta field '$name' is invalid."); + throw new \phpbb\extension\exception('META_FIELD_INVALID', array($name)); } } break; @@ -237,22 +253,23 @@ class metadata_manager } /** - * Validates the contents of the authors field - * - * @return boolean True when passes validation, throws exception if invalid - */ + * Validates the contents of the authors field + * + * @return boolean True when passes validation, throws exception if invalid + * @throws \phpbb\extension\exception + */ public function validate_authors() { if (empty($this->metadata['authors'])) { - throw new \phpbb\extension\exception("Required meta field 'authors' has not been set."); + throw new \phpbb\extension\exception('META_FIELD_NOT_SET', array('authors')); } foreach ($this->metadata['authors'] as $author) { if (!isset($author['name'])) { - throw new \phpbb\extension\exception("Required meta field 'author name' has not been set."); + throw new \phpbb\extension\exception('META_FIELD_NOT_SET', array('author name')); } } @@ -260,10 +277,10 @@ class metadata_manager } /** - * This array handles the verification that this extension can be enabled on this board - * - * @return bool True if validation succeeded, False if failed - */ + * This array handles the verification that this extension can be enabled on this board + * + * @return bool True if validation succeeded, False if failed + */ public function validate_enable() { // Check for valid directory & phpBB, PHP versions @@ -276,10 +293,10 @@ class metadata_manager } /** - * Validates the most basic directory structure to ensure it follows <vendor>/<ext> convention. - * - * @return boolean True when passes validation - */ + * Validates the most basic directory structure to ensure it follows <vendor>/<ext> convention. + * + * @return boolean True when passes validation + */ public function validate_dir() { return (substr_count($this->ext_name, '/') === 1 && $this->ext_name == $this->get_metadata('name')); @@ -287,13 +304,13 @@ class metadata_manager /** - * Validates the contents of the phpbb requirement field - * - * @return boolean True when passes validation - */ + * Validates the contents of the phpbb requirement field + * + * @return boolean True when passes validation + */ public function validate_require_phpbb() { - if (!isset($this->metadata['require']['phpbb/phpbb'])) + if (!isset($this->metadata['extra']['soft-require']['phpbb/phpbb'])) { return false; } @@ -302,10 +319,10 @@ class metadata_manager } /** - * Validates the contents of the php requirement field - * - * @return boolean True when passes validation - */ + * Validates the contents of the php requirement field + * + * @return boolean True when passes validation + */ public function validate_require_php() { if (!isset($this->metadata['require']['php'])) @@ -317,58 +334,37 @@ class metadata_manager } /** - * Version validation helper + * Outputs the metadata into the template * - * @param string $string The string for comparing to a version - * @param string $current_version The version to compare to - * @return bool True/False if meets version requirements + * @return null */ - private function _validate_version($string, $current_version) - { - // Allow them to specify their own comparison operator (ex: <3.1.2, >=3.1.0) - $comparison_matches = false; - preg_match('#[=<>]+#', $string, $comparison_matches); - - if (!empty($comparison_matches)) - { - return version_compare($current_version, str_replace(array($comparison_matches[0], ' '), '', $string), $comparison_matches[0]); - } - - return version_compare($current_version, $string, '>='); - } - - /** - * Outputs the metadata into the template - * - * @return null - */ public function output_template_data() { $this->template->assign_vars(array( - 'META_NAME' => htmlspecialchars($this->metadata['name']), - 'META_TYPE' => htmlspecialchars($this->metadata['type']), - 'META_DESCRIPTION' => (isset($this->metadata['description'])) ? htmlspecialchars($this->metadata['description']) : '', + 'META_NAME' => $this->metadata['name'], + 'META_TYPE' => $this->metadata['type'], + 'META_DESCRIPTION' => (isset($this->metadata['description'])) ? $this->metadata['description'] : '', 'META_HOMEPAGE' => (isset($this->metadata['homepage'])) ? $this->metadata['homepage'] : '', - 'META_VERSION' => (isset($this->metadata['version'])) ? htmlspecialchars($this->metadata['version']) : '', - 'META_TIME' => (isset($this->metadata['time'])) ? htmlspecialchars($this->metadata['time']) : '', - 'META_LICENCE' => htmlspecialchars($this->metadata['licence']), + 'META_VERSION' => (isset($this->metadata['version'])) ? $this->metadata['version'] : '', + 'META_TIME' => (isset($this->metadata['time'])) ? $this->metadata['time'] : '', + 'META_LICENSE' => $this->metadata['license'], - 'META_REQUIRE_PHP' => (isset($this->metadata['require']['php'])) ? htmlspecialchars($this->metadata['require']['php']) : '', + 'META_REQUIRE_PHP' => (isset($this->metadata['require']['php'])) ? $this->metadata['require']['php'] : '', 'META_REQUIRE_PHP_FAIL' => !$this->validate_require_php(), - 'META_REQUIRE_PHPBB' => (isset($this->metadata['require']['phpbb/phpbb'])) ? htmlspecialchars($this->metadata['require']['phpbb/phpbb']) : '', + 'META_REQUIRE_PHPBB' => (isset($this->metadata['extra']['soft-require']['phpbb/phpbb'])) ? $this->metadata['extra']['soft-require']['phpbb/phpbb'] : '', 'META_REQUIRE_PHPBB_FAIL' => !$this->validate_require_phpbb(), - 'META_DISPLAY_NAME' => (isset($this->metadata['extra']['display-name'])) ? htmlspecialchars($this->metadata['extra']['display-name']) : '', + 'META_DISPLAY_NAME' => (isset($this->metadata['extra']['display-name'])) ? $this->metadata['extra']['display-name'] : '', )); foreach ($this->metadata['authors'] as $author) { $this->template->assign_block_vars('meta_authors', array( - 'AUTHOR_NAME' => htmlspecialchars($author['name']), + 'AUTHOR_NAME' => $author['name'], 'AUTHOR_EMAIL' => (isset($author['email'])) ? $author['email'] : '', 'AUTHOR_HOMEPAGE' => (isset($author['homepage'])) ? $author['homepage'] : '', - 'AUTHOR_ROLE' => (isset($author['role'])) ? htmlspecialchars($author['role']) : '', + 'AUTHOR_ROLE' => (isset($author['role'])) ? $author['role'] : '', )); } } |