diff options
| author | Brion Vibber <brion@pobox.com> | 2010-03-30 17:35:27 -0700 |
|---|---|---|
| committer | Brion Vibber <brion@pobox.com> | 2010-03-30 17:35:27 -0700 |
| commit | 0841fa712ec558d283f533690d2db50dfa1da8fc (patch) | |
| tree | 406ea631c8704dfcfd81dceaacf5a1785ff2103b /lib/util.php | |
| parent | bfb2ac4910a52dde9bd3c39855f0488f56eb79bc (diff) | |
Ticket #1281: JID validation now more or less follows spec instead of calling e-mail validator
Basic splitting/validation code submitted via http://status.net/wiki/XMPP/JID_validation -- Copyright 2009 Patrick Georgi <patrick@georgi-clan.de> Licensed under ISC-L, which is compatible with everything else that keeps the copyright notice intact.
Added PEAR Net_IDNA package to extlib to handle IDN normalization (also used by Validate's email verifier if present).
* added test suite, supplemented my own test cases with JID validation and normalization test cases from libpurple
* follows XMPP rules for validation of name part
* fixes for normalization with non-ASCII names
* will do domain checks if $config['email']['check_domain'] is on, checking for an XMPP-server SRV record or any lookup. (We don't actually need to ping those direct though.)
* some more obscure stringprep validation rules aren't quite followed yet, but we err on the side of permissiveness.
* we still don't actually let you save your address with a resource on it, as we strip resources when looking up users who've sent us presence or message updates. I would recommend saving the outgoing resource as a separate field if/when we add that..?
Diffstat (limited to 'lib/util.php')
| -rw-r--r-- | lib/util.php | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/lib/util.php b/lib/util.php index 795997868..f4ee26bbf 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1397,6 +1397,55 @@ function common_valid_tag($tag) return false; } +/** + * Determine if given domain or address literal is valid + * eg for use in JIDs and URLs. Does not check if the domain + * exists! + * + * @param string $domain + * @return boolean valid or not + */ +function common_valid_domain($domain) +{ + $octet = "(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])"; + $ipv4 = "(?:$octet(?:\.$octet){3})"; + if (preg_match("/^$ipv4$/u", $domain)) return true; + + $group = "(?:[0-9a-f]{1,4})"; + $ipv6 = "(?:\[($group(?::$group){0,7})?(::)?($group(?::$group){0,7})?\])"; // http://tools.ietf.org/html/rfc3513#section-2.2 + + if (preg_match("/^$ipv6$/ui", $domain, $matches)) { + $before = explode(":", $matches[1]); + $zeroes = $matches[2]; + $after = explode(":", $matches[3]); + if ($zeroes) { + $min = 0; + $max = 7; + } else { + $min = 1; + $max = 8; + } + $explicit = count($before) + count($after); + if ($explicit < $min || $explicit > $max) { + return false; + } + return true; + } + + try { + require_once "Net/IDNA.php"; + $idn = Net_IDNA::getInstance(); + $domain = $idn->encode($domain); + } catch (Exception $e) { + return false; + } + + $subdomain = "(?:[a-z0-9][a-z0-9-]*)"; // @fixme + $fqdn = "(?:$subdomain(?:\.$subdomain)*\.?)"; + + return preg_match("/^$fqdn$/ui", $domain); +} + /* Following functions are copied from MediaWiki GlobalFunctions.php * and written by Evan Prodromou. */ |