parent
cd3643d174
commit
1eb7c19c1e
|
@ -12,42 +12,6 @@ use Friendica\Object\Image;
|
||||||
use Friendica\Util\Network;
|
use Friendica\Util\Network;
|
||||||
use Friendica\Util\XML;
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
function validate_url($url)
|
|
||||||
{
|
|
||||||
return Network::validateURL($url);
|
|
||||||
}
|
|
||||||
|
|
||||||
function validate_email($addr)
|
|
||||||
{
|
|
||||||
return Network::validateEmail($addr);
|
|
||||||
}
|
|
||||||
|
|
||||||
function allowed_url($url)
|
|
||||||
{
|
|
||||||
return Network::allowedURL($url);
|
|
||||||
}
|
|
||||||
|
|
||||||
function blocked_url($url)
|
|
||||||
{
|
|
||||||
return Network::blockedURL($url);
|
|
||||||
}
|
|
||||||
|
|
||||||
function allowed_email($email)
|
|
||||||
{
|
|
||||||
return Network::allowedEmail($email);
|
|
||||||
}
|
|
||||||
|
|
||||||
function allowed_domain($domain, array $domain_list)
|
|
||||||
{
|
|
||||||
return Network::allowedDomain($domain, $domain_list);
|
|
||||||
}
|
|
||||||
|
|
||||||
function avatar_img($email)
|
|
||||||
{
|
|
||||||
return Network::avatarImg($email);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
function parse_xml_string($s, $strict = true)
|
function parse_xml_string($s, $strict = true)
|
||||||
{
|
{
|
||||||
return Network::parseXmlString($s, $strict);
|
return Network::parseXmlString($s, $strict);
|
||||||
|
|
|
@ -332,20 +332,20 @@ function dfrn_request_post(App $a)
|
||||||
intval($contact_record['id'])
|
intval($contact_record['id'])
|
||||||
);
|
);
|
||||||
} else {
|
} else {
|
||||||
$url = validate_url($url);
|
$url = Network::validateURL($url);
|
||||||
if (!$url) {
|
if (!$url) {
|
||||||
notice(L10n::t('Invalid profile URL.') . EOL);
|
notice(L10n::t('Invalid profile URL.') . EOL);
|
||||||
goaway(System::baseUrl() . '/' . $a->cmd);
|
goaway(System::baseUrl() . '/' . $a->cmd);
|
||||||
return; // NOTREACHED
|
return; // NOTREACHED
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!allowed_url($url)) {
|
if (!Network::allowedURL($url)) {
|
||||||
notice(L10n::t('Disallowed profile URL.') . EOL);
|
notice(L10n::t('Disallowed profile URL.') . EOL);
|
||||||
goaway(System::baseUrl() . '/' . $a->cmd);
|
goaway(System::baseUrl() . '/' . $a->cmd);
|
||||||
return; // NOTREACHED
|
return; // NOTREACHED
|
||||||
}
|
}
|
||||||
|
|
||||||
if (blocked_url($url)) {
|
if (Network::blockedURL($url)) {
|
||||||
notice(L10n::t('Blocked domain') . EOL);
|
notice(L10n::t('Blocked domain') . EOL);
|
||||||
goaway(System::baseUrl() . '/' . $a->cmd);
|
goaway(System::baseUrl() . '/' . $a->cmd);
|
||||||
return; // NOTREACHED
|
return; // NOTREACHED
|
||||||
|
|
|
@ -46,7 +46,7 @@ function dirfind_content(App $a, $prefix = "") {
|
||||||
if (strpos($search,'@') === 0) {
|
if (strpos($search,'@') === 0) {
|
||||||
$search = substr($search,1);
|
$search = substr($search,1);
|
||||||
$header = L10n::t('People Search - %s', $search);
|
$header = L10n::t('People Search - %s', $search);
|
||||||
if ((valid_email($search) && validate_email($search)) ||
|
if ((valid_email($search) && Network::validateEmail($search)) ||
|
||||||
(substr(normalise_link($search), 0, 7) == "http://")) {
|
(substr(normalise_link($search), 0, 7) == "http://")) {
|
||||||
$user_data = Probe::uri($search);
|
$user_data = Probe::uri($search);
|
||||||
$discover_user = (in_array($user_data["network"], [NETWORK_DFRN, NETWORK_OSTATUS, NETWORK_DIASPORA]));
|
$discover_user = (in_array($user_data["network"], [NETWORK_DFRN, NETWORK_OSTATUS, NETWORK_DIASPORA]));
|
||||||
|
|
|
@ -17,6 +17,7 @@ use Friendica\Model\GContact;
|
||||||
use Friendica\Model\Group;
|
use Friendica\Model\Group;
|
||||||
use Friendica\Model\User;
|
use Friendica\Model\User;
|
||||||
use Friendica\Protocol\Email;
|
use Friendica\Protocol\Email;
|
||||||
|
use Friendica\Util\Network;
|
||||||
|
|
||||||
function get_theme_config_file($theme)
|
function get_theme_config_file($theme)
|
||||||
{
|
{
|
||||||
|
@ -535,7 +536,7 @@ function settings_post(App $a)
|
||||||
|
|
||||||
// If openid has changed or if there's an openid but no openidserver, try and discover it.
|
// If openid has changed or if there's an openid but no openidserver, try and discover it.
|
||||||
if ($openid != $a->user['openid'] || (strlen($openid) && (!strlen($openidserver)))) {
|
if ($openid != $a->user['openid'] || (strlen($openid) && (!strlen($openidserver)))) {
|
||||||
if (validate_url($openid)) {
|
if (Network::validateURL($openid)) {
|
||||||
logger('updating openidserver');
|
logger('updating openidserver');
|
||||||
require_once 'library/openid.php';
|
require_once 'library/openid.php';
|
||||||
$open_id_obj = new LightOpenID;
|
$open_id_obj = new LightOpenID;
|
||||||
|
|
|
@ -312,7 +312,7 @@ class OEmbed
|
||||||
|
|
||||||
$allowed = explode(',', $str_allowed);
|
$allowed = explode(',', $str_allowed);
|
||||||
|
|
||||||
return allowed_domain($domain, $allowed);
|
return Network::allowedDomain($domain, $allowed);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function getHTML($url, $title = null)
|
public static function getHTML($url, $title = null)
|
||||||
|
|
|
@ -20,6 +20,7 @@ use Friendica\Protocol\DFRN;
|
||||||
use Friendica\Protocol\OStatus;
|
use Friendica\Protocol\OStatus;
|
||||||
use Friendica\Protocol\PortableContact;
|
use Friendica\Protocol\PortableContact;
|
||||||
use Friendica\Protocol\Salmon;
|
use Friendica\Protocol\Salmon;
|
||||||
|
use Friendica\Util\Network;
|
||||||
use dba;
|
use dba;
|
||||||
|
|
||||||
require_once 'boot.php';
|
require_once 'boot.php';
|
||||||
|
@ -1131,12 +1132,12 @@ class Contact extends BaseObject
|
||||||
// remove ajax junk, e.g. Twitter
|
// remove ajax junk, e.g. Twitter
|
||||||
$url = str_replace('/#!/', '/', $url);
|
$url = str_replace('/#!/', '/', $url);
|
||||||
|
|
||||||
if (!allowed_url($url)) {
|
if (!Network::allowedURL($url)) {
|
||||||
$result['message'] = L10n::t('Disallowed profile URL.');
|
$result['message'] = L10n::t('Disallowed profile URL.');
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (blocked_url($url)) {
|
if (Network::blockedURL($url)) {
|
||||||
$result['message'] = L10n::t('Blocked domain');
|
$result['message'] = L10n::t('Blocked domain');
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
|
@ -17,6 +17,7 @@ use Friendica\Core\Worker;
|
||||||
use Friendica\Database\DBM;
|
use Friendica\Database\DBM;
|
||||||
use Friendica\Model\Contact;
|
use Friendica\Model\Contact;
|
||||||
use Friendica\Protocol\Diaspora;
|
use Friendica\Protocol\Diaspora;
|
||||||
|
use Friendica\Util\Network;
|
||||||
use dba;
|
use dba;
|
||||||
|
|
||||||
require_once 'include/dba.php';
|
require_once 'include/dba.php';
|
||||||
|
@ -963,7 +964,7 @@ class Profile
|
||||||
public static function zrlInit(App $a)
|
public static function zrlInit(App $a)
|
||||||
{
|
{
|
||||||
$my_url = self::getMyURL();
|
$my_url = self::getMyURL();
|
||||||
$my_url = validate_url($my_url);
|
$my_url = Network::validateURL($my_url);
|
||||||
if ($my_url) {
|
if ($my_url) {
|
||||||
// Is it a DDoS attempt?
|
// Is it a DDoS attempt?
|
||||||
// The check fetches the cached value from gprobe to reduce the load for this system
|
// The check fetches the cached value from gprobe to reduce the load for this system
|
||||||
|
|
|
@ -282,7 +282,7 @@ class User
|
||||||
|
|
||||||
if (!x($username) || !x($email) || !x($nickname)) {
|
if (!x($username) || !x($email) || !x($nickname)) {
|
||||||
if ($openid_url) {
|
if ($openid_url) {
|
||||||
if (!validate_url($openid_url)) {
|
if (!Network::validateURL($openid_url)) {
|
||||||
throw new Exception(L10n::t('Invalid OpenID url'));
|
throw new Exception(L10n::t('Invalid OpenID url'));
|
||||||
}
|
}
|
||||||
$_SESSION['register'] = 1;
|
$_SESSION['register'] = 1;
|
||||||
|
@ -305,7 +305,7 @@ class User
|
||||||
throw new Exception(L10n::t('Please enter the required information.'));
|
throw new Exception(L10n::t('Please enter the required information.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!validate_url($openid_url)) {
|
if (!Network::validateURL($openid_url)) {
|
||||||
$openid_url = '';
|
$openid_url = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -330,11 +330,11 @@ class User
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!allowed_email($email)) {
|
if (!Network::allowedEmail($email)) {
|
||||||
throw new Exception(L10n::t('Your email domain is not among those allowed on this site.'));
|
throw new Exception(L10n::t('Your email domain is not among those allowed on this site.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!valid_email($email) || !validate_email($email)) {
|
if (!valid_email($email) || !Network::validateEmail($email)) {
|
||||||
throw new Exception(L10n::t('Not a valid email address.'));
|
throw new Exception(L10n::t('Not a valid email address.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -461,7 +461,7 @@ class User
|
||||||
|
|
||||||
// if we have no OpenID photo try to look up an avatar
|
// if we have no OpenID photo try to look up an avatar
|
||||||
if (!strlen($photo)) {
|
if (!strlen($photo)) {
|
||||||
$photo = avatar_img($email);
|
$photo = Network::avatarImg($email);
|
||||||
}
|
}
|
||||||
|
|
||||||
// unless there is no avatar-addon loaded
|
// unless there is no avatar-addon loaded
|
||||||
|
|
|
@ -10,6 +10,7 @@ use Friendica\Core\Config;
|
||||||
use Friendica\Core\L10n;
|
use Friendica\Core\L10n;
|
||||||
use Friendica\Database\DBM;
|
use Friendica\Database\DBM;
|
||||||
use Friendica\Model\User;
|
use Friendica\Model\User;
|
||||||
|
use Friendica\Util\Network;
|
||||||
use dba;
|
use dba;
|
||||||
|
|
||||||
require_once 'boot.php';
|
require_once 'boot.php';
|
||||||
|
@ -59,7 +60,7 @@ class Login extends BaseModule
|
||||||
$openid_url = trim($_POST['openid_url'] ? : $_POST['username']);
|
$openid_url = trim($_POST['openid_url'] ? : $_POST['username']);
|
||||||
|
|
||||||
// if it's an email address or doesn't resolve to a URL, fail.
|
// if it's an email address or doesn't resolve to a URL, fail.
|
||||||
if ($noid || strpos($openid_url, '@') || !validate_url($openid_url)) {
|
if ($noid || strpos($openid_url, '@') || !Network::validateURL($openid_url)) {
|
||||||
notice(L10n::t('Login failed.') . EOL);
|
notice(L10n::t('Login failed.') . EOL);
|
||||||
goaway(self::getApp()->get_baseurl());
|
goaway(self::getApp()->get_baseurl());
|
||||||
// NOTREACHED
|
// NOTREACHED
|
||||||
|
|
|
@ -1510,7 +1510,7 @@ class Probe
|
||||||
*/
|
*/
|
||||||
private static function mail($uri, $uid)
|
private static function mail($uri, $uid)
|
||||||
{
|
{
|
||||||
if (!validate_email($uri)) {
|
if (!Network::validateEmail($uri)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1544,7 +1544,7 @@ class Probe
|
||||||
$data["network"] = NETWORK_MAIL;
|
$data["network"] = NETWORK_MAIL;
|
||||||
$data["name"] = substr($uri, 0, strpos($uri, '@'));
|
$data["name"] = substr($uri, 0, strpos($uri, '@'));
|
||||||
$data["nick"] = $data["name"];
|
$data["nick"] = $data["name"];
|
||||||
$data["photo"] = avatar_img($uri);
|
$data["photo"] = Network::avatarImg($uri);
|
||||||
$data["url"] = 'mailto:'.$uri;
|
$data["url"] = 'mailto:'.$uri;
|
||||||
$data["notify"] = 'smtp '.random_string();
|
$data["notify"] = 'smtp '.random_string();
|
||||||
$data["poll"] = 'email '.random_string();
|
$data["poll"] = 'email '.random_string();
|
||||||
|
|
|
@ -79,7 +79,7 @@ class Network
|
||||||
|
|
||||||
$a = get_app();
|
$a = get_app();
|
||||||
|
|
||||||
if (blocked_url($url)) {
|
if (self::blockedURL($url)) {
|
||||||
logger('z_fetch_url: domain of ' . $url . ' is blocked', LOGGER_DATA);
|
logger('z_fetch_url: domain of ' . $url . ' is blocked', LOGGER_DATA);
|
||||||
return $ret;
|
return $ret;
|
||||||
}
|
}
|
||||||
|
@ -281,7 +281,7 @@ class Network
|
||||||
{
|
{
|
||||||
$stamp1 = microtime(true);
|
$stamp1 = microtime(true);
|
||||||
|
|
||||||
if (blocked_url($url)) {
|
if (self::blockedURL($url)) {
|
||||||
logger('post_url: domain of ' . $url . ' is blocked', LOGGER_DATA);
|
logger('post_url: domain of ' . $url . ' is blocked', LOGGER_DATA);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -622,7 +622,7 @@ class Network
|
||||||
|
|
||||||
$allowed = explode(',', $str_allowed);
|
$allowed = explode(',', $str_allowed);
|
||||||
|
|
||||||
return allowed_domain($domain, $allowed);
|
return self::allowedDomain($domain, $allowed);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in New Issue
Block a user