+ // Do not allow specifying the port (see RFC 3986) or IP addresses

+ if (!preg_match('#^(http|https|ftp)://(?:(.*?\.)*?[a-z0-9\-]+?\.[a-z]{2,4}|(?:\d{1,3}\.){3,5}\d{1,3}):?([0-9]*?).*?\.('. implode('|', $this->allowed_extensions) . ')$#i', $url) ||

+ preg_match('@^(http|https|ftp)://[^/:?#]+:[0-9]+[/:?#]@i', $url) ||

+ preg_match('#^(http|https|ftp)://(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])#i', $url) ||

+ preg_match('#^(http|https|ftp)://(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){0,5}(?:[\dA-F]{1,4}(?::[\dA-F]{1,4})?|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:)|(?:::))#i', $url))

+ // Do not allow specifying the port (see RFC 3986) or IP addresses

+ // remote_upload() will do its own check for allowed filetypes

+ if (preg_match('@^(http|https|ftp)://[^/:?#]+:[0-9]+[/:?#]@i', $url) ||

+ preg_match('#^(http|https|ftp)://(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])#i', $url) ||

+ preg_match('#^(http|https|ftp)://(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){0,5}(?:[\dA-F]{1,4}(?::[\dA-F]{1,4})?|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:)|(?:::))#i', $url))

+ {

+ $error[] = 'AVATAR_URL_INVALID';

+ return false;

+ }

+

+<?php

+/**

+*

+* This file is part of the phpBB Forum Software package.

+*

+* @copyright (c) phpBB Limited <https://www.phpbb.com>

+* @license GNU General Public License, version 2 (GPL-2.0)

+*

+* For full copyright and license information, please see

+* the docs/CREDITS.txt file.

+*

+*/

+

+namespace phpbb\cache\driver;

+

+/**

+* ACM for APCU

+*/

+class apcu extends \phpbb\cache\driver\memory

+{

+ var $extension = 'apcu';

+

+ /**

+ * {@inheritDoc}

+ */

+ function purge()

+ {

+ apcu_clear_cache();

+

+ parent::purge();

+ }

+

+ /**

+ * Fetch an item from the cache

+ *

+ * @access protected

+ * @param string $var Cache key

+ * @return mixed Cached data

+ */

+ function _read($var)

+ {

+ return apcu_fetch($this->key_prefix . $var);

+ }

+

+ /**

+ * Store data in the cache

+ *

+ * @access protected

+ * @param string $var Cache key

+ * @param mixed $data Data to store

+ * @param int $ttl Time-to-live of cached data

+ * @return bool True if the operation succeeded

+ */

+ function _write($var, $data, $ttl = 2592000)

+ {

+ return apcu_store($this->key_prefix . $var, $data, $ttl);

+ }

+

+ /**

+ * Remove an item from the cache

+ *

+ * @access protected

+ * @param string $var Cache key

+ * @return bool True if the operation succeeded

+ */

+ function _delete($var)

+ {

+ return apcu_delete($this->key_prefix . $var);

+ }

+}

+ $this->memcached->addServer(trim($parts[1]), (int) trim($parts[2]));

+ if ($ttl == 0)

+ {

+ return $this->redis->set($var, $data);

+ }

+ $extension = $this->manager->get_extension($name);

+

+ if (!$extension->is_enableable())

+ {

+ $io->error($this->user->lang('CLI_EXTENSION_NOT_ENABLEABLE', $name));

+ return 1;

+ }

+ return 1;

+ $sql = 'UPDATE ' . USERS_TABLE . "

+ SET user_password = '" . $this->db->sql_escape($new_hash) . "'

+ WHERE user_id = " . (int) $row['user_id'];

+ $sql = 'UPDATE ' . USERS_TABLE . "

+ SET user_password = '" . $this->db->sql_escape($new_hash) . "'

+ WHERE user_id = " . (int) $row['user_id'];

+ $sql_data .= "DROP SEQUENCE IF EXISTS {$table_name}_seq;\n";

+# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from

+# module mod_authz_host to a new module called mod_access_compat (which may be

+# disabled) and a new "Require" syntax has been introduced to mod_authz_host.

+# We could just conditionally provide both versions, but unfortunately Apache

+# does not explicitly tell us its version if the module mod_version is not

+# available. In this case, we check for the availability of module

+# mod_authz_core (which should be on 2.4 or higher only) as a best guess.

+<IfModule mod_version.c>

+ <IfVersion < 2.4>

+ <Files "*">

+ Order Allow,Deny

+ Deny from All

+ </Files>

+ </IfVersion>

+ <IfVersion >= 2.4>

+ <Files "*">

+ Require all denied

+ </Files>

+ </IfVersion>

+</IfModule>

+<IfModule !mod_version.c>

+ <IfModule !mod_authz_core.c>

+ <Files "*">

+ Order Allow,Deny

+ Deny from All

+ </Files>

+ </IfModule>

+ <IfModule mod_authz_core.c>

+ <Files "*">

+ Require all denied

+ </Files>

+ </IfModule>

+</IfModule>

+# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from

+# module mod_authz_host to a new module called mod_access_compat (which may be

+# disabled) and a new "Require" syntax has been introduced to mod_authz_host.

+# We could just conditionally provide both versions, but unfortunately Apache

+# does not explicitly tell us its version if the module mod_version is not

+# available. In this case, we check for the availability of module

+# mod_authz_core (which should be on 2.4 or higher only) as a best guess.

+<IfModule mod_version.c>

+ <IfVersion < 2.4>

+ <Files "*">

+ Order Allow,Deny

+ Deny from All

+ </Files>

+ </IfVersion>

+ <IfVersion >= 2.4>

+ <Files "*">

+ Require all denied

+ </Files>

+ </IfVersion>

+</IfModule>

+<IfModule !mod_version.c>

+ <IfModule !mod_authz_core.c>

+ <Files "*">

+ Order Allow,Deny

+ Deny from All

+ </Files>

+ </IfModule>

+ <IfModule mod_authz_core.c>

+ <Files "*">

+ Require all denied

+ </Files>

+ </IfModule>

+</IfModule>

+# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from

+# module mod_authz_host to a new module called mod_access_compat (which may be

+# disabled) and a new "Require" syntax has been introduced to mod_authz_host.

+# We could just conditionally provide both versions, but unfortunately Apache

+# does not explicitly tell us its version if the module mod_version is not

+# available. In this case, we check for the availability of module

+# mod_authz_core (which should be on 2.4 or higher only) as a best guess.

+<IfModule mod_version.c>

+ <IfVersion < 2.4>

+ <Files "*">

+ Order Allow,Deny

+ Deny from All

+ </Files>

+ </IfVersion>

+ <IfVersion >= 2.4>

+ <Files "*">

+ Require all denied

+ </Files>

+ </IfVersion>

+</IfModule>

+<IfModule !mod_version.c>

+ <IfModule !mod_authz_core.c>

+ <Files "*">

+ Order Allow,Deny

+ Deny from All

+ </Files>

+ </IfModule>

+ <IfModule mod_authz_core.c>

+ <Files "*">

+ Require all denied

+ </Files>

+ </IfModule>

+</IfModule>

+<?php

+/**

+*

+* This file is part of the phpBB Forum Software package.

+*

+* @copyright (c) phpBB Limited <https://www.phpbb.com>

+* @license GNU General Public License, version 2 (GPL-2.0)

+*

+* For full copyright and license information, please see

+* the docs/CREDITS.txt file.

+*

+*/

+

+namespace phpbb\db\migration\data\v31x;

+

+class v3111 extends \phpbb\db\migration\migration

+{

+ public function effectively_installed()

+ {

+ return phpbb_version_compare($this->config['version'], '3.1.11', '>=');

+ }

+

+ static public function depends_on()

+ {

+ return array(

+ '\phpbb\db\migration\data\v31x\v3111rc1',

+ );

+ }

+

+ public function update_data()

+ {

+ return array(

+ array('config.update', array('version', '3.1.11')),

+ );

+ }

+}

+# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from

+# module mod_authz_host to a new module called mod_access_compat (which may be

+# disabled) and a new "Require" syntax has been introduced to mod_authz_host.

+# We could just conditionally provide both versions, but unfortunately Apache

+# does not explicitly tell us its version if the module mod_version is not

+# available. In this case, we check for the availability of module

+# mod_authz_core (which should be on 2.4 or higher only) as a best guess.

+<IfModule mod_version.c>

+ <IfVersion < 2.4>

+ <Files "*">

+ Order Allow,Deny

+ Deny from All

+ </Files>

+ </IfVersion>

+ <IfVersion >= 2.4>

+ <Files "*">

+ Require all denied

+ </Files>

+ </IfVersion>

+</IfModule>

+<IfModule !mod_version.c>

+ <IfModule !mod_authz_core.c>

+ <Files "*">

+ Order Allow,Deny

+ Deny from All

+ </Files>

+ </IfModule>

+ <IfModule mod_authz_core.c>

+ <Files "*">

+ Require all denied

+ </Files>

+ </IfModule>

+</IfModule>

+# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from

+# module mod_authz_host to a new module called mod_access_compat (which may be

+# disabled) and a new "Require" syntax has been introduced to mod_authz_host.

+# We could just conditionally provide both versions, but unfortunately Apache

+# does not explicitly tell us its version if the module mod_version is not

+# available. In this case, we check for the availability of module

+# mod_authz_core (which should be on 2.4 or higher only) as a best guess.

+<IfModule mod_version.c>

+ <IfVersion < 2.4>

+ <Files "*">

+ Order Allow,Deny

+ Deny from All

+ </Files>

+ </IfVersion>

+ <IfVersion >= 2.4>

+ <Files "*">

+ Require all denied

+ </Files>

+ </IfVersion>

+</IfModule>

+<IfModule !mod_version.c>

+ <IfModule !mod_authz_core.c>

+ <Files "*">

+ Order Allow,Deny

+ Deny from All

+ </Files>

+ </IfModule>

+ <IfModule mod_authz_core.c>

+ <Files "*">

+ Require all denied

+ </Files>

+ </IfModule>

+</IfModule>

+<?php

+/**

+*

+* This file is part of the phpBB Forum Software package.

+*

+* @copyright (c) phpBB Limited <https://www.phpbb.com>

+* @license GNU General Public License, version 2 (GPL-2.0)

+*

+* For full copyright and license information, please see

+* the docs/CREDITS.txt file.

+*

+*/

+

+namespace phpbb\db\migration\data\v32x;

+

+class v321 extends \phpbb\db\migration\migration

+{

+ public function effectively_installed()

+ {

+ return phpbb_version_compare($this->config['version'], '3.2.1', '>=');

+ }

+

+ static public function depends_on()

+ {

+ return array(

+ '\phpbb\db\migration\data\v32x\v321rc1',

+ );

+

+ }

+

+ public function update_data()

+ {

+ return array(

+ array('config.update', array('version', '3.2.1')),

+ );

+ }

+}

+ $statements[] = "DROP SEQUENCE IF EXISTS {$table_name}_seq;\n";

+ // These DBMS prefix index name with the table name

+ $new_index_name = $this->check_index_name_length($table_name, $table_name . '_' . $index_name, false);

+ break;

+ default:

+ $new_index_name = $this->check_index_name_length($table_name, $index_name, false);

+ if (strtolower($row[$col]) == strtolower($new_index_name))

+ $index_name = substr($index_name, strlen($table_prefix));

+ return $this->check_index_name_length($table_name, $index_name, $throw_error);

+ // Try removing the remaining suffix part of table name then

+ $table_suffix = substr($table_name, strlen($table_prefix));

+ if (strpos($index_name, $table_suffix) === 0)

+ // Remove the suffix and underscore separator between table_name and index_name

+ $index_name = substr($index_name, strlen($table_suffix) + 1);

+ return $this->check_index_name_length($table_name, $index_name, $throw_error);

+use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;

+ * Set to true to show full exception messages

+ *

+ * @var bool

+ */

+ protected $debug;

+

+ /**

+ * @param bool $debug Set to true to show full exception messages

+ public function __construct(\phpbb\template\template $template, \phpbb\language\language $language, $debug = false)

+ $this->debug = $debug || defined('DEBUG');

+ else if (!$this->debug && $exception instanceof NotFoundHttpException)

+ {

+ $message = $this->language->lang('PAGE_NOT_FOUND');

+ }

+ if ($this->debug)

+ preg_match('#^\$vars = (?:\[|array\()\'([a-zA-Z0-9_\' ,]+)\'[\)\]];$#', $line, $match);

+ $tpl_ary['DISABLED'] = isset($input_options['disabled']) ? $input_options['disabled'] : false;

+ if (!$not_button_form)

+ {

+ $this->template->destroy_block_vars('options');

+ }

+

+ $extension = $this->extension_manager->get_extension($ext_name);

+

+ if (!$extension->is_enableable())

+ {

+ $this->iohandler->add_log_message(array('CLI_EXTENSION_NOT_ENABLEABLE', $ext_name));

+ continue;

+ }

+

+ $this->installer_config->set('file_updater_elem_progress', '');

+ $this->installer_config->set('update_files', array());

+ $file_update_info = $this->installer_config->get('update_files', array());

+

+ if (count($file_update_info) > 0)

+ {

+ // Render download box

+ $this->iohandler->add_download_link(

+ 'phpbb_installer_update_file_download',

+ 'DOWNLOAD_UPDATE_METHOD',

+ 'DOWNLOAD_UPDATE_METHOD_EXPLAIN'

+ );

+ }

+ 'label' => 'UPDATE_CONTINUE_UPDATE_PROCESS',

+ 'type' => 'submit',

+ 'disabled' => count($file_update_info) > 0,

+ foreach ($file_update_info['update_without_diff'] as $key => $binary_file)

+ {

+ $new_file = $new_path . $binary_file;

+ $file = $this->phpbb_root_path . $binary_file;

+

+ if (!$this->filesystem->exists($file))

+ {

+ continue;

+ }

+

+ if (md5_file($file) === md5_file($new_file))

+ {

+ // File already up to date

+ unset($file_update_info['update_without_diff'][$key]);

+ }

+ }

+

+ // Remove update without diff info if empty

+ if (count($file_update_info['update_without_diff']) < 1)

+ {

+ unset($file_update_info['update_without_diff']);

+ }

+

+

+ // Remove files to delete list if empty

+ if (count($file_update_info['delete']) < 1)

+ {

+ unset($file_update_info['delete']);

+ }

+ 'submit_continue_file_update' => array(

+ 'label' => 'UPDATE_CONTINUE_FILE_UPDATE',

+ 'type' => 'submit',

+ $log[$key]['viewpost'] = (isset($topic_auth['f_read'][$row['topic_id']]) && $row['post_id']) ? append_sid("{$this->phpbb_root_path}viewtopic.{$this->php_ext}", 'f=' . $topic_auth['f_read'][$row['topic_id']] . '&amp;t=' . $row['topic_id'] . '&amp;p=' . $row['post_id'] . '#p' . $row['post_id']) : false;

+ 'type' => $type,

+ 'id' => $type->get_type(),

+ 'lang' => 'NOTIFICATION_TYPE_' . strtoupper($type->get_type()),

+ 'group' => 'NOTIFICATION_GROUP_MISCELLANEOUS',

+ 'method' => $method,

+use phpbb\notification\type\type_interface;

+

+ *

+ * @param type_interface $notification_type An optional instance of a notification type. If provided, this

+ * method additionally checks if the type provides an email template.

+ * @return bool

+ public function is_available(type_interface $notification_type = null)

+ return parent::is_available($notification_type) && $this->config['email_enable'] && $this->user->data['user_email'];

+use phpbb\notification\type\type_interface;

+

+ *

+ * @param type_interface $notification_type An optional instance of a notification type. If provided, this

+ * method additionally checks if the type provides an email template.

+ * @return bool

+ public function is_available(type_interface $notification_type = null)

+ return parent::is_available($notification_type) && $this->global_available() && $this->user->data['user_jabber'];

+use phpbb\notification\type\type_interface;

+

+ * Is this method available for the user?

+ * This is checked on the notifications options

+ *

+ * @param type_interface $notification_type An optional instance of a notification type. This method returns false

+ * only if the type is provided and if it doesn't provide an email template.

+ * @return bool

+ */

+ public function is_available(type_interface $notification_type = null)

+ {

+ return $notification_type === null || $notification_type->get_email_template() !== false;

+ }

+

+ /**

+

+ /**

+ * Tells if the router is currently in use (if the current page is a route or not)

+ *

+ * @return bool

+ */

+ public function is_router_used()

+ {

+ // Script name URI (e.g. phpBB/app.php)

+ $script_name = $this->symfony_request->getScriptName();

+

+ return basename($script_name) === 'app.' . $this->php_ext;

+ }

+ // Check for not allowed search queries for InnoDB.

+ // We assume similar restrictions for MyISAM, which is usually even

+ // slower but not as restrictive as InnoDB.

+ // InnoDB full-text search does not support the use of a leading

+ // plus sign with wildcard ('+*'), a plus and minus sign

+ // combination ('+-'), or leading a plus and minus sign combination.

+ // InnoDB full-text search only supports leading plus or minus signs.

+ // For example, InnoDB supports '+apple' but does not support 'apple+'.

+ // Specifying a trailing plus or minus sign causes InnoDB to report

+ // a syntax error. InnoDB full-text search does not support the use

+ // of multiple operators on a single search word, as in this example:

+ // '++apple'. Use of multiple operators on a single search word

+ // returns a syntax error to standard out.

+ // Also, ensure that the wildcard character is only used at the

+ // end of the line as it's intended by MySQL.

+ if (preg_match('#^(\+[+-]|\+\*|.+[+-]$|.+\*(?!$))#', $word))

+ {

+ unset($this->split_words[$i]);

+ continue;

+ }

+

+ if (substr($root_path, 0, 2) === './' && strpos($root_path, '..') === false)

+ {

+ $root_dirs = explode('/', str_replace('\\', '/', rtrim($root_path, '/')));

+ $page_dirs = explode('/', str_replace('\\', '/', '.'));

+ }

+ else

+ {

+ // current directory within the phpBB root (for example: adm)

+ $root_dirs = explode('/', str_replace('\\', '/', $phpbb_filesystem->realpath($root_path)));

+ $page_dirs = explode('/', str_replace('\\', '/', $phpbb_filesystem->realpath('./')));

+ }

+

+ if (isset($configurator->tags['QUOTE']))

+ {

+ // Remove the nesting limit and let other services remove quotes at parsing time

+ $configurator->tags['QUOTE']->nestingLimit = PHP_INT_MAX;

+ }

+

+ // Ignore emoticons that are immediately followed by a "word" character

+ $configurator->Emoticons->notBefore = '\\w';

+ $objects = $configurator->finalize();

+

+ /**

+ * Access the objects returned by finalize() before they are saved to cache

+ *

+ * @event core.text_formatter_s9e_configure_finalize

+ * @var array objects Array containing a "parser" object, a "renderer" object and optionally a "js" string

+ * @since 3.2.2-RC1

+ */

+ $vars = array('objects');

+ extract($this->dispatcher->trigger_event('core.text_formatter_s9e_configure_finalize', compact($vars)));

+

+ // Allow either phpBB template or the Twig syntax

+ preg_match_all('#<!-- BEGIN (.*?) -->(.*?)<!-- END .*? -->#s', $template, $matches, PREG_SET_ORDER) ?:

+ preg_match_all('#{% for (.*?) in .*? %}(.*?){% endfor %}#s', $template, $matches, PREG_SET_ORDER);

+ $html = $this->renderer->render($xml);

+ $html = $this->censor->censorHtml($html, true);

+ protected $version_schema = array(

+ 'stable' => array(

+ 'current' => 'version',

+ 'download' => 'url',

+ 'announcement' => 'url',

+ 'eol' => 'url',

+ 'security' => 'bool',

+ ),

+ 'unstable' => array(

+ 'current' => 'version',

+ 'download' => 'url',

+ 'announcement' => 'url',

+ 'eol' => 'url',

+ 'security' => 'bool',

+ ),

+ );

+

+ $info = $this->validate_versions($info);

+

+

+ /**

+ * Validate versions info input

+ *

+ * @param array $versions_info Decoded json data array. Will be modified

+ * and cleaned by this method

+ *

+ * @return array Versions info array

+ * @throws version_check_exception

+ */

+ public function validate_versions($versions_info)

+ {

+ $array_diff = array_diff_key($versions_info, array($this->version_schema));

+

+ // Remove excessive data

+ if (count($array_diff) > 0)

+ {

+ $old_versions_info = $versions_info;

+ $versions_info = array(

+ 'stable' => !empty($old_versions_info['stable']) ? $old_versions_info['stable'] : array(),

+ 'unstable' => !empty($old_versions_info['unstable']) ? $old_versions_info['unstable'] : array(),

+ );

+ unset($old_versions_info);

+ }

+

+ foreach ($versions_info as $stability_type => &$versions_data)

+ {

+ foreach ($versions_data as $branch => &$version_data)

+ {

+ if (!preg_match('/^[0-9a-z\-\.]+$/i', $branch))

+ {

+ unset($versions_data[$branch]);

+ continue;

+ }

+

+ $stability_diff = array_diff_key($version_data, $this->version_schema[$stability_type]);

+

+ if (count($stability_diff) > 0)

+ {

+ $old_version_data = $version_data;

+ $version_data = array();

+ foreach ($this->version_schema[$stability_type] as $key => $value)

+ {

+ if (isset($old_version_data[$key]))

+ {

+ $version_data[$key] = $old_version_data[$key];

+ }

+ }

+ unset($old_version_data);

+ }

+

+ foreach ($version_data as $key => &$value)

+ {

+ if (!isset($this->version_schema[$stability_type][$key]))

+ {

+ unset($version_data[$key]);

+ throw new version_check_exception('VERSIONCHECK_INVALID_ENTRY');

+ }

+

+ switch ($this->version_schema[$stability_type][$key])

+ {

+ case 'bool':

+ $value = (bool) $value;

+ break;

+

+ case 'url':

+ if (!empty($value) && !preg_match('#^' . get_preg_expression('url') . '$#iu', $value) &&

+ !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $value))

+ {

+ throw new version_check_exception('VERSIONCHECK_INVALID_URL');

+ }

+ break;

+

+ case 'version':

+ if (!empty($value) && !preg_match(get_preg_expression('semantic_version'), $value))

+ {

+ throw new version_check_exception('VERSIONCHECK_INVALID_VERSION');

+ }

+ break;

+

+ default:

+ // Shouldn't be possible to trigger this

+ throw new version_check_exception('VERSIONCHECK_INVALID_ENTRY');

+ }

+ }

+ }

+ }

+

+ return $versions_info;

+ }