begin bookmark model class with URL validation method
parent
40b4674e47
commit
2077464d46
4 changed files with 119 additions and 0 deletions
|
@ -462,6 +462,21 @@ $filetypes = array(
|
|||
'video' => array('avi', 'mov', 'mp4', 'mpeg', 'mpg', 'wmv')
|
||||
);
|
||||
|
||||
/**
|
||||
* Link protocols that are allowed for newly added bookmarks.
|
||||
* This prevents i.e. adding javascript: links.
|
||||
*
|
||||
* @link http://en.wikipedia.org/wiki/URI_scheme
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
$allowedProtocols = array(
|
||||
'ftp', 'ftps',
|
||||
'http', 'https',
|
||||
'mailto', 'nntp',
|
||||
'xmpp'
|
||||
);
|
||||
|
||||
/**
|
||||
* Enable the "common bookmark description" functionality
|
||||
*
|
||||
|
|
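--- a/src/SemanticScuttle/Model/Bookmark.php
+++ b/src/SemanticScuttle/Model/Bookmark.php
@@ -0,0 +1,38 @@
+<?php
+/**
+* SemanticScuttle - your social bookmark manager.
+*
+* PHP version 5.
+*
+* @category Bookmarking
+* @package SemanticScuttle
+* @author Christian Weiske <cweiske@cweiske.de>
+* @license GPL http://www.gnu.org/licenses/gpl.html
+* @link http://sourceforge.net/projects/semanticscuttle
+*/
+
+/**
+* Bookmark model class, keeping the data of a single bookmark.
+* It will slowly replace the old array style format.
+*
+* @category Bookmarking
+* @package SemanticScuttle
+* @author Christian Weiske <cweiske@cweiske.de>
+* @license GPL http://www.gnu.org/licenses/gpl.html
+* @link http://sourceforge.net/projects/semanticscuttle
+*/
+class SemanticScuttle_Model_Bookmark
+{
+public static function isValidUrl($url)
+{
+$scheme = parse_url($url, PHP_URL_SCHEME);
+if (array_search($scheme, $GLOBALS['allowedProtocols']) === false) {
+return false;
+}
+return true;
+}
+
+}
+
+
+?>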
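Review bot: `isValidUrl()` fails open when the allowlist is unavailable: the check is `array_search(...) === false`, and on PHP 5 (the version the file header names) `array_search()` handed a non-array emits a warning and returns NULL, so a missing or mistyped `$GLOBALS['allowedProtocols']` lets every URL pass, `javascript:` included. Whether an installed configuration can lack the key depends on how defaults are loaded, which is not visible on this page, so the method should not rely on it. The comparison is also loose and case-sensitive; `parse_url()` returns the scheme as written, so `HTTP://example.org/` is rejected although `http` is allowed. The version below fails closed, compares strictly against the lower-cased scheme (the configured entries must then be lower-case strings, as they are in the default list), and the method would benefit from a docblock stating that only the scheme is checked, not the rest of the URL.

```php
public static function isValidUrl($url)
{
    $allowed = isset($GLOBALS['allowedProtocols'])
        ? $GLOBALS['allowedProtocols']
        : null;
    if (!is_array($allowed)) {
        // No usable allowlist: reject rather than accept everything.
        return false;
    }

    $scheme = parse_url($url, PHP_URL_SCHEME);
    if (!is_string($scheme)) {
        // No scheme, or parse_url() could not parse the URL.
        return false;
    }

    return in_array(strtolower($scheme), $allowed, true);
}
```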
@ -82,6 +82,7 @@ require_once 'SemanticScuttle/Service.php';
|
|||
require_once 'SemanticScuttle/DbService.php';
|
||||
require_once 'SemanticScuttle/Service/Factory.php';
|
||||
require_once 'SemanticScuttle/functions.php';
|
||||
require_once 'SemanticScuttle/Model/Bookmark.php';
|
||||
require_once 'SemanticScuttle/Model/UserArray.php';
|
||||
|
||||
if (count($GLOBALS['serviceoverrides']) > 0
|
||||
|
|
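--- a/tests/Model/BookmarkTest.php
+++ b/tests/Model/BookmarkTest.php
@@ -0,0 +1,65 @@
+<?php
+/**
+* SemanticScuttle - your social bookmark manager.
+*
+* PHP version 5.
+*
+* @category Bookmarking
+* @package SemanticScuttle
+* @author Christian Weiske <cweiske@cweiske.de>
+* @license GPL http://www.gnu.org/licenses/gpl.html
+* @link http://sourceforge.net/projects/semanticscuttle
+*/
+
+/**
+* Unit tests for the SemanticScuttle Bookmark model
+*
+* @category Bookmarking
+* @package SemanticScuttle
+* @author Christian Weiske <cweiske@cweiske.de>
+* @license GPL http://www.gnu.org/licenses/gpl.html
+* @link http://sourceforge.net/projects/semanticscuttle
+*/
+class Model_BookmarkTest extends TestBase
+{
+public function testIsValidUrlValid()
+{
+$this->assertTrue(
+SemanticScuttle_Model_Bookmark::isValidUrl(
+'http://example.org/foo/bar?baz=foorina'
+)
+);
+$this->assertTrue(
+SemanticScuttle_Model_Bookmark::isValidUrl(
+'https://example.org/'
+)
+);
+$this->assertTrue(
+SemanticScuttle_Model_Bookmark::isValidUrl(
+'ftp://user:pass@example.org/'
+)
+);
+$this->assertTrue(
+SemanticScuttle_Model_Bookmark::isValidUrl(
+'mailto:cweiske@example.org'
+)
+);
+}
+
+public function testIsValidUrlInvalid()
+{
+$this->assertFalse(
+SemanticScuttle_Model_Bookmark::isValidUrl(
+'javascript:alert("foo")'
+)
+);
+$this->assertFalse(
+SemanticScuttle_Model_Bookmark::isValidUrl(
+'foo://example.org/foo/bar'
+)
+);
+}
+
+}
+
+
+?>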
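Review bot: Both tests read whatever `$GLOBALS['allowedProtocols']` holds in the test environment, and `testIsValidUrlInvalid()` covers only a well-formed `javascript:` URL and one unknown scheme. Pinning the list inside the test, for example `$GLOBALS['allowedProtocols'] = array('ftp', 'http', 'https', 'mailto');` in a `setUp()` that restores the previous value afterwards, would keep the result independent of the local configuration; whether `TestBase` already does something similar is not visible here. It would also be worth asserting rejection for inputs with no usable scheme, such as `''` and `'//example.org/'`, and for a mixed-case variant of the blocked scheme. A further case with the global unset would document whether the method is meant to fail closed.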