| 1 |
efrain |
1 |
<?php
|
|
|
2 |
// This file is part of Moodle - http://moodle.org/
|
|
|
3 |
//
|
|
|
4 |
// Moodle is free software: you can redistribute it and/or modify
|
|
|
5 |
// it under the terms of the GNU General Public License as published by
|
|
|
6 |
// the Free Software Foundation, either version 3 of the License, or
|
|
|
7 |
// (at your option) any later version.
|
|
|
8 |
//
|
|
|
9 |
// Moodle is distributed in the hope that it will be useful,
|
|
|
10 |
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
11 |
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
12 |
// GNU General Public License for more details.
|
|
|
13 |
//
|
|
|
14 |
// You should have received a copy of the GNU General Public License
|
|
|
15 |
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
|
|
16 |
|
|
|
17 |
namespace core;
|
|
|
18 |
|
|
|
19 |
use coding_exception;
|
|
|
20 |
use core_text;
|
|
|
21 |
use core\attribute\deprecated;
|
|
|
22 |
use core\ip_utils;
|
|
|
23 |
use invalid_parameter_exception;
|
|
|
24 |
use moodle_exception;
|
|
|
25 |
|
|
|
26 |
// phpcs:disable Generic.CodeAnalysis.EmptyStatement.DetectedIf
|
|
|
27 |
|
|
|
28 |
/**
|
|
|
29 |
* Parameter validation helpers for Moodle.
|
|
|
30 |
*
|
|
|
31 |
* @package core
|
|
|
32 |
* @copyright 2023 Andrew Lyons <andrew@nicols.co.uk>
|
|
|
33 |
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
|
|
34 |
*/
|
|
|
35 |
enum param: string {
|
|
|
36 |
/**
|
|
|
37 |
* PARAM_ALPHA - contains only English ascii letters [a-zA-Z].
|
|
|
38 |
*/
|
|
|
39 |
case ALPHA = 'alpha';
|
|
|
40 |
|
|
|
41 |
/**
|
|
|
42 |
* PARAM_ALPHAEXT the same contents as PARAM_ALPHA (English ascii letters [a-zA-Z]) plus the chars in quotes: "_-" allowed
|
|
|
43 |
* NOTE: originally this allowed "/" too, please use PARAM_SAFEPATH if "/" needed
|
|
|
44 |
*/
|
|
|
45 |
case ALPHAEXT = 'alphaext';
|
|
|
46 |
|
|
|
47 |
/**
|
|
|
48 |
* PARAM_ALPHANUM - expected numbers 0-9 and English ascii letters [a-zA-Z] only.
|
|
|
49 |
*/
|
|
|
50 |
case ALPHANUM = 'alphanum';
|
|
|
51 |
|
|
|
52 |
/**
|
|
|
53 |
* PARAM_ALPHANUMEXT - expected numbers 0-9, letters (English ascii letters [a-zA-Z]) and _- only.
|
|
|
54 |
*/
|
|
|
55 |
case ALPHANUMEXT = 'alphanumext';
|
|
|
56 |
|
|
|
57 |
/**
|
|
|
58 |
* PARAM_AUTH - actually checks to make sure the string is a valid auth plugin
|
|
|
59 |
*/
|
|
|
60 |
case AUTH = 'auth';
|
|
|
61 |
|
|
|
62 |
/**
|
|
|
63 |
* PARAM_BASE64 - Base 64 encoded format
|
|
|
64 |
*/
|
|
|
65 |
case BASE64 = 'base64';
|
|
|
66 |
|
|
|
67 |
/**
|
|
|
68 |
* PARAM_BOOL - converts input into 0 or 1, use for switches in forms and urls.
|
|
|
69 |
*/
|
|
|
70 |
case BOOL = 'bool';
|
|
|
71 |
|
|
|
72 |
/**
|
|
|
73 |
* PARAM_CAPABILITY - A capability name, like 'moodle/role:manage'. Actually
|
|
|
74 |
* checked against the list of capabilities in the database.
|
|
|
75 |
*/
|
|
|
76 |
case CAPABILITY = 'capability';
|
|
|
77 |
|
|
|
78 |
/**
|
|
|
79 |
* PARAM_CLEANHTML - cleans submitted HTML code. Note that you almost never want
|
|
|
80 |
* to use this. The normal mode of operation is to use PARAM_RAW when receiving
|
|
|
81 |
* the input (required/optional_param or formslib) and then sanitise the HTML
|
|
|
82 |
* using format_text on output. This is for the rare cases when you want to
|
|
|
83 |
* sanitise the HTML on input. This cleaning may also fix xhtml strictness.
|
|
|
84 |
*/
|
|
|
85 |
case CLEANHTML = 'cleanhtml';
|
|
|
86 |
|
|
|
87 |
/**
|
|
|
88 |
* PARAM_EMAIL - an email address following the RFC
|
|
|
89 |
*/
|
|
|
90 |
case EMAIL = 'email';
|
|
|
91 |
|
|
|
92 |
/**
|
|
|
93 |
* PARAM_FILE - safe file name, all dangerous chars are stripped, protects against XSS, SQL injections and directory traversals
|
|
|
94 |
*/
|
|
|
95 |
case FILE = 'file';
|
|
|
96 |
|
|
|
97 |
/**
|
|
|
98 |
* PARAM_FLOAT - a real/floating point number.
|
|
|
99 |
*
|
|
|
100 |
* Note that you should not use PARAM_FLOAT for numbers typed in by the user.
|
|
|
101 |
* It does not work for languages that use , as a decimal separator.
|
|
|
102 |
* Use PARAM_LOCALISEDFLOAT instead.
|
|
|
103 |
*/
|
|
|
104 |
case FLOAT = 'float';
|
|
|
105 |
|
|
|
106 |
/**
|
|
|
107 |
* PARAM_LOCALISEDFLOAT - a localised real/floating point number.
|
|
|
108 |
* This is preferred over PARAM_FLOAT for numbers typed in by the user.
|
|
|
109 |
* Cleans localised numbers to computer readable numbers; false for invalid numbers.
|
|
|
110 |
*/
|
|
|
111 |
case LOCALISEDFLOAT = 'localisedfloat';
|
|
|
112 |
|
|
|
113 |
/**
|
|
|
114 |
* PARAM_HOST - expected fully qualified domain name (FQDN) or an IPv4 dotted quad (IP address)
|
|
|
115 |
*/
|
|
|
116 |
case HOST = 'host';
|
|
|
117 |
|
|
|
118 |
/**
|
|
|
119 |
* PARAM_INT - integers only, use when expecting only numbers.
|
|
|
120 |
*/
|
|
|
121 |
case INT = 'int';
|
|
|
122 |
|
|
|
123 |
/**
|
|
|
124 |
* PARAM_LANG - checks to see if the string is a valid installed language in the current site.
|
|
|
125 |
*/
|
|
|
126 |
case LANG = 'lang';
|
|
|
127 |
|
|
|
128 |
/**
|
|
|
129 |
* PARAM_LOCALURL - expected properly formatted URL as well as one that refers to the local server itself. (NOT orthogonal to the
|
|
|
130 |
* others! Implies PARAM_URL!)
|
|
|
131 |
*/
|
|
|
132 |
case LOCALURL = 'localurl';
|
|
|
133 |
|
|
|
134 |
/**
|
|
|
135 |
* PARAM_NOTAGS - all html tags are stripped from the text. Do not abuse this type.
|
|
|
136 |
*/
|
|
|
137 |
case NOTAGS = 'notags';
|
|
|
138 |
|
|
|
139 |
/**
|
|
|
140 |
* PARAM_PATH - safe relative path name, all dangerous chars are stripped, protects against XSS, SQL injections and directory
|
|
|
141 |
* traversals note: the leading slash is not removed, window drive letter is not allowed
|
|
|
142 |
*/
|
|
|
143 |
case PATH = 'path';
|
|
|
144 |
|
|
|
145 |
/**
|
|
|
146 |
* PARAM_PEM - Privacy Enhanced Mail format
|
|
|
147 |
*/
|
|
|
148 |
case PEM = 'pem';
|
|
|
149 |
|
|
|
150 |
/**
|
|
|
151 |
* PARAM_PERMISSION - A permission, one of CAP_INHERIT, CAP_ALLOW, CAP_PREVENT or CAP_PROHIBIT.
|
|
|
152 |
*/
|
|
|
153 |
case PERMISSION = 'permission';
|
|
|
154 |
|
|
|
155 |
/**
|
|
|
156 |
* PARAM_RAW specifies a parameter that is not cleaned/processed in any way except the discarding of the invalid utf-8 characters
|
|
|
157 |
*/
|
|
|
158 |
case RAW = 'raw';
|
|
|
159 |
|
|
|
160 |
/**
|
|
|
161 |
* PARAM_RAW_TRIMMED like PARAM_RAW but leading and trailing whitespace is stripped.
|
|
|
162 |
*/
|
|
|
163 |
case RAW_TRIMMED = 'raw_trimmed';
|
|
|
164 |
|
|
|
165 |
/**
|
|
|
166 |
* PARAM_SAFEDIR - safe directory name, suitable for include() and require()
|
|
|
167 |
*/
|
|
|
168 |
case SAFEDIR = 'safedir';
|
|
|
169 |
|
|
|
170 |
/**
|
|
|
171 |
* PARAM_SAFEPATH - several PARAM_SAFEDIR joined by "/", suitable for include() and require(), plugin paths
|
|
|
172 |
* and other references to Moodle code files.
|
|
|
173 |
*
|
|
|
174 |
* This is NOT intended to be used for absolute paths or any user uploaded files.
|
|
|
175 |
*/
|
|
|
176 |
case SAFEPATH = 'safepath';
|
|
|
177 |
|
|
|
178 |
/**
|
|
|
179 |
* PARAM_SEQUENCE - expects a sequence of numbers like 8 to 1,5,6,4,6,8,9. Numbers and comma only.
|
|
|
180 |
*/
|
|
|
181 |
case SEQUENCE = 'sequence';
|
|
|
182 |
|
|
|
183 |
/**
|
|
|
184 |
* PARAM_TAG - one tag (interests, blogs, etc.) - mostly international characters and space, <> not supported
|
|
|
185 |
*/
|
|
|
186 |
case TAG = 'tag';
|
|
|
187 |
|
|
|
188 |
/**
|
|
|
189 |
* PARAM_TAGLIST - list of tags separated by commas (interests, blogs, etc.)
|
|
|
190 |
*/
|
|
|
191 |
case TAGLIST = 'taglist';
|
|
|
192 |
|
|
|
193 |
/**
|
|
|
194 |
* PARAM_TEXT - general plain text compatible with multilang filter, no other html tags. Please note '<', or '>' are allowed here.
|
|
|
195 |
*/
|
|
|
196 |
case TEXT = 'text';
|
|
|
197 |
|
|
|
198 |
/**
|
|
|
199 |
* PARAM_THEME - Checks to see if the string is a valid theme name in the current site
|
|
|
200 |
*/
|
|
|
201 |
case THEME = 'theme';
|
|
|
202 |
|
|
|
203 |
/**
|
|
|
204 |
* PARAM_URL - expected properly formatted URL. Please note that domain part is required, http://localhost/ is not accepted but
|
|
|
205 |
* http://localhost.localdomain/ is ok.
|
|
|
206 |
*/
|
|
|
207 |
case URL = 'url';
|
|
|
208 |
|
|
|
209 |
/**
|
|
|
210 |
* PARAM_USERNAME - Clean username to only contains allowed characters. This is to be used ONLY when manually creating user
|
|
|
211 |
* accounts, do NOT use when syncing with external systems!!
|
|
|
212 |
*/
|
|
|
213 |
case USERNAME = 'username';
|
|
|
214 |
|
|
|
215 |
/**
|
|
|
216 |
* PARAM_STRINGID - used to check if the given string is valid string identifier for get_string()
|
|
|
217 |
*/
|
|
|
218 |
case STRINGID = 'stringid';
|
|
|
219 |
|
|
|
220 |
/**
|
|
|
221 |
* PARAM_CLEAN - obsoleted, please use a more specific type of parameter.
|
|
|
222 |
* It was one of the first types, that is why it is abused so much ;-)
|
|
|
223 |
* @deprecated since 2.0
|
|
|
224 |
*/
|
|
|
225 |
#[deprecated(
|
|
|
226 |
replacement: 'a more specific type of parameter',
|
|
|
227 |
since: '2.0',
|
|
|
228 |
reason: 'The CLEAN param type is too generic to perform satisfactory validation',
|
|
|
229 |
emit: false,
|
|
|
230 |
)]
|
|
|
231 |
case CLEAN = 'clean';
|
|
|
232 |
|
|
|
233 |
/**
|
|
|
234 |
* PARAM_INTEGER - deprecated alias for PARAM_INT
|
|
|
235 |
* @deprecated since 2.0
|
|
|
236 |
*/
|
|
|
237 |
#[deprecated(
|
|
|
238 |
replacement: 'param::INT',
|
|
|
239 |
since: '2.0',
|
|
|
240 |
reason: 'Alias for INT',
|
|
|
241 |
final: true,
|
|
|
242 |
)]
|
|
|
243 |
case INTEGER = 'integer';
|
|
|
244 |
|
|
|
245 |
/**
|
|
|
246 |
* PARAM_NUMBER - deprecated alias of PARAM_FLOAT
|
|
|
247 |
* @deprecated since 2.0
|
|
|
248 |
*/
|
|
|
249 |
#[deprecated(
|
|
|
250 |
replacement: 'param::FLOAT',
|
|
|
251 |
since: '2.0',
|
|
|
252 |
reason: 'Alias for FLOAT',
|
|
|
253 |
final: true,
|
|
|
254 |
)]
|
|
|
255 |
case NUMBER = 'number';
|
|
|
256 |
|
|
|
257 |
/**
|
|
|
258 |
* PARAM_ACTION - deprecated alias for PARAM_ALPHANUMEXT, use for various actions in forms and urls
|
|
|
259 |
* NOTE: originally alias for PARAM_ALPHANUMEXT
|
|
|
260 |
* @deprecated since 2.0
|
|
|
261 |
*/
|
|
|
262 |
#[deprecated(
|
|
|
263 |
replacement: 'param::ALPHANUMEXT',
|
|
|
264 |
since: '2.0',
|
|
|
265 |
reason: 'Alias for PARAM_ALPHANUMEXT',
|
|
|
266 |
final: true,
|
|
|
267 |
)]
|
|
|
268 |
case ACTION = 'action';
|
|
|
269 |
|
|
|
270 |
/**
|
|
|
271 |
* PARAM_FORMAT - deprecated alias for PARAM_ALPHANUMEXT, use for names of plugins, formats, etc.
|
|
|
272 |
* NOTE: originally alias for PARAM_APLHA
|
|
|
273 |
* @deprecated since 2.0
|
|
|
274 |
*/
|
|
|
275 |
#[deprecated(
|
|
|
276 |
replacement: 'param::ALPHANUMEXT',
|
|
|
277 |
since: '2.0',
|
|
|
278 |
reason: 'Alias for PARAM_ALPHANUMEXT',
|
|
|
279 |
final: true,
|
|
|
280 |
)]
|
|
|
281 |
case FORMAT = 'format';
|
|
|
282 |
|
|
|
283 |
/**
|
|
|
284 |
* PARAM_MULTILANG - deprecated alias of PARAM_TEXT.
|
|
|
285 |
* @deprecated since 2.0
|
|
|
286 |
*/
|
|
|
287 |
#[deprecated(
|
|
|
288 |
replacement: 'param::TEXT',
|
|
|
289 |
since: '2.0',
|
|
|
290 |
reason: 'Alias for PARAM_TEXT',
|
|
|
291 |
final: true,
|
|
|
292 |
)]
|
|
|
293 |
case MULTILANG = 'multilang';
|
|
|
294 |
|
|
|
295 |
/**
|
|
|
296 |
* PARAM_TIMEZONE - expected timezone. Timezone can be int +-(0-13) or float +-(0.5-12.5) or
|
|
|
297 |
* string separated by '/' and can have '-' &/ '_' (eg. America/North_Dakota/New_Salem
|
|
|
298 |
* America/Port-au-Prince)
|
|
|
299 |
*/
|
|
|
300 |
case TIMEZONE = 'timezone';
|
|
|
301 |
|
|
|
302 |
/**
|
|
|
303 |
* PARAM_CLEANFILE - deprecated alias of PARAM_FILE; originally was removing regional chars too
|
|
|
304 |
* @deprecated since 2.0
|
|
|
305 |
*/
|
|
|
306 |
#[deprecated(
|
|
|
307 |
replacement: 'param::FILE',
|
|
|
308 |
since: '2.0',
|
|
|
309 |
reason: 'Alias for PARAM_FILE',
|
|
|
310 |
)]
|
|
|
311 |
case CLEANFILE = 'cleanfile';
|
|
|
312 |
|
|
|
313 |
/**
|
|
|
314 |
* PARAM_COMPONENT is used for full component names (aka frankenstyle) such as 'mod_forum = 'core_rating', 'auth_ldap'.
|
|
|
315 |
* Short legacy subsystem names and module names are accepted too ex: 'forum = 'rating', 'user'.
|
|
|
316 |
* Only lowercase ascii letters, numbers and underscores are allowed, it has to start with a letter.
|
|
|
317 |
* NOTE: numbers and underscores are strongly discouraged in plugin names!
|
|
|
318 |
*/
|
|
|
319 |
case COMPONENT = 'component';
|
|
|
320 |
|
|
|
321 |
/**
|
|
|
322 |
* PARAM_AREA is a name of area used when addressing files, comments, ratings, etc.
|
|
|
323 |
* It is usually used together with context id and component.
|
|
|
324 |
* Only lowercase ascii letters, numbers and underscores are allowed, it has to start with a letter.
|
|
|
325 |
*/
|
|
|
326 |
case AREA = 'area';
|
|
|
327 |
|
|
|
328 |
/**
|
|
|
329 |
* PARAM_PLUGIN is used for plugin names such as 'forum = 'glossary', 'ldap', 'paypal', 'completionstatus'.
|
|
|
330 |
* Only lowercase ascii letters, numbers and underscores are allowed, it has to start with a letter.
|
|
|
331 |
* NOTE: numbers and underscores are strongly discouraged in plugin names! Underscores are forbidden in module names.
|
|
|
332 |
*/
|
|
|
333 |
case PLUGIN = 'plugin';
|
|
|
334 |
|
|
|
335 |
/**
|
|
|
336 |
* Get the canonical enumerated parameter from the parameter type name.
|
|
|
337 |
*
|
|
|
338 |
* @param string $paramname
|
|
|
339 |
* @return param
|
|
|
340 |
* @throws coding_exception If the parameter is unknown.
|
|
|
341 |
*/
|
|
|
342 |
public static function from_type(string $paramname): self {
|
|
|
343 |
$from = self::tryFrom($paramname)?->canonical();
|
|
|
344 |
if ($from) {
|
|
|
345 |
return $from;
|
|
|
346 |
}
|
|
|
347 |
|
|
|
348 |
throw new \coding_exception("Unknown parameter type '{$paramname}'");
|
|
|
349 |
}
|
|
|
350 |
|
|
|
351 |
/**
|
|
|
352 |
* Canonicalise the parameter.
|
|
|
353 |
*
|
|
|
354 |
* This method is used to support aliasing of deprecated parameters.
|
|
|
355 |
*
|
|
|
356 |
* @return param
|
|
|
357 |
*/
|
|
|
358 |
private function canonical(): self {
|
|
|
359 |
return match ($this) {
|
|
|
360 |
self::ACTION => self::ALPHANUMEXT,
|
|
|
361 |
self::CLEANFILE => self::FILE,
|
|
|
362 |
self::FORMAT => self::ALPHANUMEXT,
|
|
|
363 |
self::INTEGER => self::INT,
|
|
|
364 |
self::MULTILANG => self::TEXT,
|
|
|
365 |
self::NUMBER => self::FLOAT,
|
|
|
366 |
|
|
|
367 |
default => $this,
|
|
|
368 |
};
|
|
|
369 |
}
|
|
|
370 |
|
|
|
371 |
/**
|
|
|
372 |
* Used by {@link optional_param()} and {@link required_param()} to
|
|
|
373 |
* clean the variables and/or cast to specific types, based on
|
|
|
374 |
* an options field.
|
|
|
375 |
*
|
|
|
376 |
* <code>
|
|
|
377 |
* $course->format = param::ALPHA->clean($course->format);
|
|
|
378 |
* $selectedgradeitem = param::INT->clean($selectedgradeitem);
|
|
|
379 |
* </code>
|
|
|
380 |
*
|
|
|
381 |
* @param mixed $value the value to clean
|
|
|
382 |
* @return mixed
|
|
|
383 |
* @throws coding_exception
|
|
|
384 |
*/
|
|
|
385 |
public function clean(mixed $value): mixed {
|
|
|
386 |
// Check and emit a deprecation notice if required.
|
|
|
387 |
deprecation::emit_deprecation_if_present($this);
|
|
|
388 |
|
|
|
389 |
if (is_array($value)) {
|
|
|
390 |
throw new coding_exception('clean() can not process arrays, please use clean_array() instead.');
|
|
|
391 |
} else if (is_object($value)) {
|
|
|
392 |
if (method_exists($value, '__toString')) {
|
|
|
393 |
$value = $value->__toString();
|
|
|
394 |
} else {
|
|
|
395 |
throw new coding_exception('clean() can not process objects, please use clean_array() instead.');
|
|
|
396 |
}
|
|
|
397 |
}
|
|
|
398 |
|
|
|
399 |
$canonical = $this->canonical();
|
|
|
400 |
if ($this !== $canonical) {
|
|
|
401 |
return $canonical->clean($value);
|
|
|
402 |
}
|
|
|
403 |
|
|
|
404 |
$methodname = "clean_param_value_{$this->value}";
|
|
|
405 |
if (!method_exists(self::class, $methodname)) {
|
|
|
406 |
throw new coding_exception("Method not found for cleaning {$this->value}");
|
|
|
407 |
}
|
|
|
408 |
|
|
|
409 |
return $this->{$methodname}($value);
|
|
|
410 |
}
|
|
|
411 |
|
|
|
412 |
/**
|
|
|
413 |
* Returns a value for the named variable, taken from request arguments.
|
|
|
414 |
*
|
|
|
415 |
* This function should be used to initialise all required values
|
|
|
416 |
* in a script that are based on parameters. Usually it will be
|
|
|
417 |
* used like this:
|
|
|
418 |
* $id = param::INT->required_param('id');
|
|
|
419 |
*
|
|
|
420 |
*
|
|
|
421 |
* @param string $paramname the name of the page parameter we want
|
|
|
422 |
* @return mixed
|
|
|
423 |
* @throws moodle_exception
|
|
|
424 |
*/
|
|
|
425 |
public function required_param(string $paramname): mixed {
|
|
|
426 |
return $this->clean($this->get_request_parameter($paramname, true));
|
|
|
427 |
}
|
|
|
428 |
|
|
|
429 |
/**
|
|
|
430 |
* Returns a particular array value for the named variable, taken from request arguments.
|
|
|
431 |
* If the parameter doesn't exist then an error is thrown because we require this variable.
|
|
|
432 |
*
|
|
|
433 |
* This function should be used to initialise all required values
|
|
|
434 |
* in a script that are based on parameters. Usually it will be
|
|
|
435 |
* used like this:
|
|
|
436 |
* $ids = required_param_array('ids', PARAM_INT);
|
|
|
437 |
*
|
|
|
438 |
* Note: arrays of arrays are not supported, only alphanumeric keys with _ and - are supported
|
|
|
439 |
*
|
|
|
440 |
* @param string $paramname the name of the page parameter we want
|
|
|
441 |
* @return array
|
|
|
442 |
* @throws moodle_exception
|
|
|
443 |
*/
|
|
|
444 |
public function required_param_array(string $paramname): array {
|
|
|
445 |
$param = $this->get_request_parameter($paramname, true);
|
|
|
446 |
|
|
|
447 |
if (!is_array($param)) {
|
|
|
448 |
throw new \moodle_exception('missingparam', '', '', $paramname);
|
|
|
449 |
}
|
|
|
450 |
|
|
|
451 |
$result = [];
|
|
|
452 |
foreach ($param as $key => $value) {
|
|
|
453 |
if (!preg_match('/^[a-z0-9_-]+$/i', $key)) {
|
|
|
454 |
debugging(
|
|
|
455 |
"Invalid key name in required_param_array() detected: {$key}, parameter: {$paramname}",
|
|
|
456 |
);
|
|
|
457 |
continue;
|
|
|
458 |
}
|
|
|
459 |
$result[$key] = $this->clean($value);
|
|
|
460 |
}
|
|
|
461 |
|
|
|
462 |
return $result;
|
|
|
463 |
}
|
|
|
464 |
|
|
|
465 |
/**
|
|
|
466 |
* Returns a particular value for the named variable from the request arguments,
|
|
|
467 |
* otherwise returning a given default.
|
|
|
468 |
*
|
|
|
469 |
* This function should be used to initialise all optional values
|
|
|
470 |
* in a script that are based on parameters. Usually it will be
|
|
|
471 |
* used like this:
|
|
|
472 |
* $name = param::TEXT->optional_param('name', 'Fred');
|
|
|
473 |
*
|
|
|
474 |
* @param string $paramname the name of the page parameter we want
|
|
|
475 |
* @param mixed $default the default value to return if nothing is found
|
|
|
476 |
* @return mixed
|
|
|
477 |
*/
|
|
|
478 |
public function optional_param(string $paramname, mixed $default): mixed {
|
|
|
479 |
$param = $this->get_request_parameter($paramname, false);
|
|
|
480 |
if ($param === null) {
|
|
|
481 |
return $default;
|
|
|
482 |
}
|
|
|
483 |
|
|
|
484 |
return $this->clean($param);
|
|
|
485 |
}
|
|
|
486 |
|
|
|
487 |
/**
|
|
|
488 |
* Returns a particular array value for the named variable from the request arguments,
|
|
|
489 |
* otherwise returning a given default.
|
|
|
490 |
*
|
|
|
491 |
* This function should be used to initialise all optional values
|
|
|
492 |
* in a script that are based on parameters. Usually it will be
|
|
|
493 |
* used like this:
|
|
|
494 |
* $ids = param::INT->optional_param_arrayt('id', array());
|
|
|
495 |
*
|
|
|
496 |
* Note: arrays of arrays are not supported, only alphanumeric keys with _ and - are supported.
|
|
|
497 |
*
|
|
|
498 |
* @param string $paramname the name of the page parameter we want
|
|
|
499 |
* @param mixed $default the default value to return if nothing is found
|
|
|
500 |
* @return array
|
|
|
501 |
*/
|
|
|
502 |
public function optional_param_array(string $paramname, mixed $default): mixed {
|
|
|
503 |
$param = $this->get_request_parameter($paramname, false);
|
|
|
504 |
if ($param === null) {
|
|
|
505 |
return $default;
|
|
|
506 |
}
|
|
|
507 |
|
|
|
508 |
if (!is_array($param)) {
|
|
|
509 |
debugging(
|
|
|
510 |
"optional_param_array() only expects array parameters: {$paramname}",
|
|
|
511 |
);
|
|
|
512 |
return $default;
|
|
|
513 |
}
|
|
|
514 |
|
|
|
515 |
$result = [];
|
|
|
516 |
foreach ($param as $key => $value) {
|
|
|
517 |
if (!preg_match('/^[a-z0-9_-]+$/i', $key)) {
|
|
|
518 |
debugging(
|
|
|
519 |
"Invalid key name in optional_param_array() detected: {$key}, parameter: {$paramname}",
|
|
|
520 |
);
|
|
|
521 |
continue;
|
|
|
522 |
}
|
|
|
523 |
$result[$key] = $this->clean($value);
|
|
|
524 |
}
|
|
|
525 |
|
|
|
526 |
return $result;
|
|
|
527 |
}
|
|
|
528 |
|
|
|
529 |
/**
|
|
|
530 |
* Returns a particular value for the named variable, taken from the POST, or GET params.
|
|
|
531 |
*
|
|
|
532 |
* Parameters are fetched from POST first, then GET.
|
|
|
533 |
*
|
|
|
534 |
* @param string $paramname
|
|
|
535 |
* @param bool $require
|
|
|
536 |
* @return mixed
|
|
|
537 |
* @throws moodle_exception If the parameter was not found and the value is required
|
|
|
538 |
*/
|
|
|
539 |
private function get_request_parameter(
|
|
|
540 |
string $paramname,
|
|
|
541 |
bool $require,
|
|
|
542 |
): mixed {
|
|
|
543 |
if (isset($_POST[$paramname])) {
|
|
|
544 |
return $_POST[$paramname];
|
|
|
545 |
} else if (isset($_GET[$paramname])) {
|
|
|
546 |
return $_GET[$paramname];
|
|
|
547 |
} else if ($require) {
|
|
|
548 |
throw new \moodle_exception('missingparam', '', '', $paramname);
|
|
|
549 |
}
|
|
|
550 |
|
|
|
551 |
return null;
|
|
|
552 |
}
|
|
|
553 |
|
|
|
554 |
/**
|
|
|
555 |
* Strict validation of parameter values, the values are only converted
|
|
|
556 |
* to requested PHP type. Internally it is using clean_param, the values
|
|
|
557 |
* before and after cleaning must be equal - otherwise
|
|
|
558 |
* an invalid_parameter_exception is thrown.
|
|
|
559 |
* Objects and classes are not accepted.
|
|
|
560 |
*
|
|
|
561 |
* @param mixed $param
|
|
|
562 |
* @param bool $allownull are nulls valid value?
|
|
|
563 |
* @param string $debuginfo optional debug information
|
|
|
564 |
* @return mixed the $param value converted to PHP type
|
|
|
565 |
* @throws invalid_parameter_exception if $param is not of given type
|
|
|
566 |
*/
|
|
|
567 |
public function validate_param(
|
|
|
568 |
mixed $param,
|
|
|
569 |
bool $allownull = NULL_NOT_ALLOWED,
|
|
|
570 |
string $debuginfo = '',
|
|
|
571 |
): mixed {
|
|
|
572 |
if (is_null($param)) {
|
|
|
573 |
if ($allownull == NULL_ALLOWED) {
|
|
|
574 |
return null;
|
|
|
575 |
} else {
|
|
|
576 |
throw new invalid_parameter_exception($debuginfo);
|
|
|
577 |
}
|
|
|
578 |
}
|
|
|
579 |
if (is_array($param) || is_object($param)) {
|
|
|
580 |
throw new invalid_parameter_exception($debuginfo);
|
|
|
581 |
}
|
|
|
582 |
|
|
|
583 |
$cleaned = $this->clean($param);
|
|
|
584 |
|
|
|
585 |
if ($this->canonical() === self::FLOAT) {
|
|
|
586 |
// Do not detect precision loss here.
|
|
|
587 |
if (is_float($param) || is_int($param)) {
|
|
|
588 |
// These always fit.
|
|
|
589 |
} else if (!is_numeric($param) || !preg_match('/^[\+-]?[0-9]*\.?[0-9]*(e[-+]?[0-9]+)?$/i', (string)$param)) {
|
|
|
590 |
throw new invalid_parameter_exception($debuginfo);
|
|
|
591 |
}
|
|
|
592 |
} else if ((string) $param !== (string) $cleaned) {
|
|
|
593 |
// Conversion to string is usually lossless.
|
|
|
594 |
throw new invalid_parameter_exception($debuginfo);
|
|
|
595 |
}
|
|
|
596 |
|
|
|
597 |
return $cleaned;
|
|
|
598 |
}
|
|
|
599 |
|
|
|
600 |
/**
|
|
|
601 |
* Makes sure array contains only the allowed types, this function does not validate array key names!
|
|
|
602 |
*
|
|
|
603 |
* <code>
|
|
|
604 |
* $options = param::INT->clean_param_array($options);
|
|
|
605 |
* </code>
|
|
|
606 |
*
|
|
|
607 |
* @param array|null $param the variable array we are cleaning
|
|
|
608 |
* @param bool $recursive clean recursive arrays
|
|
|
609 |
* @return array
|
|
|
610 |
* @throws coding_exception
|
|
|
611 |
*/
|
|
|
612 |
public function clean_param_array(
|
|
|
613 |
?array $param,
|
|
|
614 |
bool $recursive = false,
|
|
|
615 |
) {
|
|
|
616 |
// Convert null to empty array.
|
|
|
617 |
$param = (array) $param;
|
|
|
618 |
foreach ($param as $key => $value) {
|
|
|
619 |
if (is_array($value)) {
|
|
|
620 |
if ($recursive) {
|
|
|
621 |
$param[$key] = $this->clean_param_array($value, true);
|
|
|
622 |
} else {
|
|
|
623 |
throw new coding_exception('clean_param_array can not process multidimensional arrays when $recursive is false.');
|
|
|
624 |
}
|
|
|
625 |
} else {
|
|
|
626 |
$param[$key] = $this->clean($value);
|
|
|
627 |
}
|
|
|
628 |
}
|
|
|
629 |
return $param;
|
|
|
630 |
}
|
|
|
631 |
|
|
|
632 |
/**
|
|
|
633 |
* Validation for PARAM_RAW.
|
|
|
634 |
*
|
|
|
635 |
* @param mixed $param
|
|
|
636 |
* @return mixed
|
|
|
637 |
*/
|
|
|
638 |
protected function clean_param_value_raw(mixed $param): mixed {
|
|
|
639 |
// No cleaning at all.
|
|
|
640 |
return fix_utf8($param);
|
|
|
641 |
}
|
|
|
642 |
|
|
|
643 |
/**
|
|
|
644 |
* Validation for PARAM_RAW_TRIMMED.
|
|
|
645 |
*
|
|
|
646 |
* @param mixed $param
|
|
|
647 |
* @return string
|
|
|
648 |
*/
|
|
|
649 |
protected function clean_param_value_raw_trimmed(mixed $param): string {
|
|
|
650 |
// No cleaning, but strip leading and trailing whitespace.
|
|
|
651 |
return trim((string) $this->clean_param_value_raw($param));
|
|
|
652 |
}
|
|
|
653 |
|
|
|
654 |
/**
|
|
|
655 |
* Validation for PARAM_CLEAN.
|
|
|
656 |
*
|
|
|
657 |
* @param mixed $param
|
|
|
658 |
* @return string
|
|
|
659 |
*/
|
|
|
660 |
protected function clean_param_value_clean(mixed $param): string {
|
|
|
661 |
// General HTML cleaning, try to use more specific type if possible this is deprecated!
|
|
|
662 |
// Please use more specific type instead.
|
|
|
663 |
if (is_numeric($param)) {
|
|
|
664 |
return $param;
|
|
|
665 |
}
|
|
|
666 |
$param = fix_utf8($param);
|
|
|
667 |
// Sweep for scripts, etc.
|
|
|
668 |
return clean_text($param);
|
|
|
669 |
}
|
|
|
670 |
|
|
|
671 |
/**
|
|
|
672 |
* Validation for PARAM_CLEANHTML.
|
|
|
673 |
*/
|
|
|
674 |
protected function clean_param_value_cleanhtml(mixed $param): mixed {
|
|
|
675 |
// Clean html fragment.
|
|
|
676 |
$param = (string)fix_utf8($param);
|
|
|
677 |
// Sweep for scripts, etc.
|
|
|
678 |
$param = clean_text($param, FORMAT_HTML);
|
|
|
679 |
|
|
|
680 |
return trim($param);
|
|
|
681 |
}
|
|
|
682 |
|
|
|
683 |
/**
|
|
|
684 |
* Validation for PARAM_INT.
|
|
|
685 |
*
|
|
|
686 |
* @param mixed $param
|
|
|
687 |
* @return int
|
|
|
688 |
*/
|
|
|
689 |
protected function clean_param_value_int(mixed $param): int {
|
|
|
690 |
// Convert to integer.
|
|
|
691 |
return (int)$param;
|
|
|
692 |
}
|
|
|
693 |
|
|
|
694 |
/**
|
|
|
695 |
* Validation for PARAM_FLOAT.
|
|
|
696 |
*
|
|
|
697 |
* @param mixed $param
|
|
|
698 |
* @return float
|
|
|
699 |
*/
|
|
|
700 |
protected function clean_param_value_float(mixed $param): float {
|
|
|
701 |
// Convert to float.
|
|
|
702 |
return (float)$param;
|
|
|
703 |
}
|
|
|
704 |
|
|
|
705 |
/**
|
|
|
706 |
* Validation for PARAM_LOCALISEDFLOAT.
|
|
|
707 |
*
|
|
|
708 |
* @param mixed $param
|
|
|
709 |
* @return mixed
|
|
|
710 |
*/
|
|
|
711 |
protected function clean_param_value_localisedfloat(mixed $param): mixed {
|
|
|
712 |
// Convert to float.
|
|
|
713 |
return unformat_float($param, true);
|
|
|
714 |
}
|
|
|
715 |
|
|
|
716 |
/**
|
|
|
717 |
* Validation for PARAM_ALPHA.
|
|
|
718 |
*
|
|
|
719 |
* @param mixed $param
|
|
|
720 |
* @return mixed
|
|
|
721 |
*/
|
|
|
722 |
protected function clean_param_value_alpha(mixed $param): mixed {
|
|
|
723 |
// Remove everything not `a-z`.
|
|
|
724 |
return preg_replace('/[^a-zA-Z]/i', '', (string)$param);
|
|
|
725 |
}
|
|
|
726 |
|
|
|
727 |
/**
|
|
|
728 |
* Validation for PARAM_ALPHAEXT.
|
|
|
729 |
*
|
|
|
730 |
* @param mixed $param
|
|
|
731 |
* @return mixed
|
|
|
732 |
*/
|
|
|
733 |
protected function clean_param_value_alphaext(mixed $param): mixed {
|
|
|
734 |
// Remove everything not `a-zA-Z_-` (originally allowed "/" too).
|
|
|
735 |
return preg_replace('/[^a-zA-Z_-]/i', '', (string)$param);
|
|
|
736 |
}
|
|
|
737 |
|
|
|
738 |
/**
|
|
|
739 |
* Validation for PARAM_ALPHANUM.
|
|
|
740 |
*
|
|
|
741 |
* @param mixed $param
|
|
|
742 |
* @return mixed
|
|
|
743 |
*/
|
|
|
744 |
protected function clean_param_value_alphanum(mixed $param): mixed {
|
|
|
745 |
// Remove everything not `a-zA-Z0-9`.
|
|
|
746 |
return preg_replace('/[^A-Za-z0-9]/i', '', (string)$param);
|
|
|
747 |
}
|
|
|
748 |
|
|
|
749 |
/**
|
|
|
750 |
* Validation for PARAM_ALPHANUMEXT.
|
|
|
751 |
*
|
|
|
752 |
* @param mixed $param
|
|
|
753 |
* @return mixed
|
|
|
754 |
*/
|
|
|
755 |
protected function clean_param_value_alphanumext(mixed $param): mixed {
|
|
|
756 |
// Remove everything not `a-zA-Z0-9_-`.
|
|
|
757 |
return preg_replace('/[^A-Za-z0-9_-]/i', '', (string)$param);
|
|
|
758 |
}
|
|
|
759 |
|
|
|
760 |
/**
|
|
|
761 |
* Validation for PARAM_SEQUENCE.
|
|
|
762 |
*
|
|
|
763 |
* @param mixed $param
|
|
|
764 |
* @return mixed
|
|
|
765 |
*/
|
|
|
766 |
protected function clean_param_value_sequence(mixed $param): mixed {
|
|
|
767 |
// Remove everything not `0-9,`.
|
|
|
768 |
return preg_replace('/[^0-9,]/i', '', (string)$param);
|
|
|
769 |
}
|
|
|
770 |
|
|
|
771 |
/**
|
|
|
772 |
* Validation for PARAM_BOOL.
|
|
|
773 |
*
|
|
|
774 |
* @param mixed $param
|
|
|
775 |
* @return mixed
|
|
|
776 |
*/
|
|
|
777 |
protected function clean_param_value_bool(mixed $param): mixed {
|
|
|
778 |
// Convert to 1 or 0.
|
|
|
779 |
$tempstr = strtolower((string)$param);
|
|
|
780 |
if ($tempstr === 'on' || $tempstr === 'yes' || $tempstr === 'true') {
|
|
|
781 |
$param = 1;
|
|
|
782 |
} else if ($tempstr === 'off' || $tempstr === 'no' || $tempstr === 'false') {
|
|
|
783 |
$param = 0;
|
|
|
784 |
} else {
|
|
|
785 |
$param = empty($param) ? 0 : 1;
|
|
|
786 |
}
|
|
|
787 |
return $param;
|
|
|
788 |
}
|
|
|
789 |
|
|
|
790 |
/**
|
|
|
791 |
* Validation for PARAM_NOTAGS.
|
|
|
792 |
*
|
|
|
793 |
* @param mixed $param
|
|
|
794 |
* @return mixed
|
|
|
795 |
*/
|
|
|
796 |
protected function clean_param_value_notags(mixed $param): mixed {
|
|
|
797 |
// Strip all tags.
|
|
|
798 |
$param = fix_utf8($param);
|
|
|
799 |
return strip_tags((string)$param);
|
|
|
800 |
}
|
|
|
801 |
|
|
|
802 |
/**
|
|
|
803 |
* Validation for PARAM_TEXT.
|
|
|
804 |
*
|
|
|
805 |
* @param mixed $param
|
|
|
806 |
* @return mixed
|
|
|
807 |
*/
|
|
|
808 |
protected function clean_param_value_text(mixed $param): mixed {
|
|
|
809 |
// Leave only tags needed for multilang.
|
|
|
810 |
$param = fix_utf8($param);
|
|
|
811 |
// If the multilang syntax is not correct we strip all tags because it would break xhtml strict which is required
|
|
|
812 |
// for accessibility standards please note this cleaning does not strip unbalanced '>' for BC compatibility reasons.
|
|
|
813 |
do {
|
|
|
814 |
if (strpos((string)$param, '</lang>') !== false) {
|
|
|
815 |
// Old and future mutilang syntax.
|
|
|
816 |
$param = strip_tags($param, '<lang>');
|
|
|
817 |
if (!preg_match_all('/<.*>/suU', $param, $matches)) {
|
|
|
818 |
break;
|
|
|
819 |
}
|
|
|
820 |
$open = false;
|
|
|
821 |
foreach ($matches[0] as $match) {
|
|
|
822 |
if ($match === '</lang>') {
|
|
|
823 |
if ($open) {
|
|
|
824 |
$open = false;
|
|
|
825 |
continue;
|
|
|
826 |
} else {
|
|
|
827 |
break 2;
|
|
|
828 |
}
|
|
|
829 |
}
|
|
|
830 |
if (!preg_match('/^<lang lang="[a-zA-Z0-9_-]+"\s*>$/u', $match)) {
|
|
|
831 |
break 2;
|
|
|
832 |
} else {
|
|
|
833 |
$open = true;
|
|
|
834 |
}
|
|
|
835 |
}
|
|
|
836 |
if ($open) {
|
|
|
837 |
break;
|
|
|
838 |
}
|
|
|
839 |
return $param;
|
|
|
840 |
} else if (strpos((string)$param, '</span>') !== false) {
|
|
|
841 |
// Current problematic multilang syntax.
|
|
|
842 |
$param = strip_tags($param, '<span>');
|
|
|
843 |
if (!preg_match_all('/<.*>/suU', $param, $matches)) {
|
|
|
844 |
break;
|
|
|
845 |
}
|
|
|
846 |
$open = false;
|
|
|
847 |
foreach ($matches[0] as $match) {
|
|
|
848 |
if ($match === '</span>') {
|
|
|
849 |
if ($open) {
|
|
|
850 |
$open = false;
|
|
|
851 |
continue;
|
|
|
852 |
} else {
|
|
|
853 |
break 2;
|
|
|
854 |
}
|
|
|
855 |
}
|
|
|
856 |
if (!preg_match('/^<span(\s+lang="[a-zA-Z0-9_-]+"|\s+class="multilang"){2}\s*>$/u', $match)) {
|
|
|
857 |
break 2;
|
|
|
858 |
} else {
|
|
|
859 |
$open = true;
|
|
|
860 |
}
|
|
|
861 |
}
|
|
|
862 |
if ($open) {
|
|
|
863 |
break;
|
|
|
864 |
}
|
|
|
865 |
return $param;
|
|
|
866 |
}
|
|
|
867 |
} while (false);
|
|
|
868 |
// Easy, just strip all tags, if we ever want to fix orphaned '&' we have to do that in format_string().
|
|
|
869 |
return strip_tags((string)$param);
|
|
|
870 |
}
|
|
|
871 |
|
|
|
872 |
/**
|
|
|
873 |
* Validation for PARAM_COMPONENT.
|
|
|
874 |
*
|
|
|
875 |
* @param mixed $param
|
|
|
876 |
* @return string
|
|
|
877 |
*/
|
|
|
878 |
protected function clean_param_value_component(mixed $param): string {
|
|
|
879 |
// We do not want any guessing here, either the name is correct or not
|
|
|
880 |
// please note only normalised component names are accepted.
|
|
|
881 |
$param = (string)$param;
|
|
|
882 |
if (!preg_match('/^[a-z][a-z0-9]*(_[a-z][a-z0-9_]*)?[a-z0-9]+$/', $param)) {
|
|
|
883 |
return '';
|
|
|
884 |
}
|
|
|
885 |
if (strpos($param, '__') !== false) {
|
|
|
886 |
return '';
|
|
|
887 |
}
|
|
|
888 |
if (strpos($param, 'mod_') === 0) {
|
|
|
889 |
// Module names must not contain underscores because we need to differentiate them from invalid plugin types.
|
|
|
890 |
if (substr_count($param, '_') != 1) {
|
|
|
891 |
return '';
|
|
|
892 |
}
|
|
|
893 |
}
|
|
|
894 |
return $param;
|
|
|
895 |
}
|
|
|
896 |
|
|
|
897 |
/**
|
|
|
898 |
* Validation for PARAM_PLUGIN.
|
|
|
899 |
*
|
|
|
900 |
* @param mixed $param
|
|
|
901 |
* @return string
|
|
|
902 |
*/
|
|
|
903 |
protected function clean_param_value_plugin(mixed $param): string {
|
|
|
904 |
return $this->clean_param_value_area($param);
|
|
|
905 |
}
|
|
|
906 |
|
|
|
907 |
/**
|
|
|
908 |
* Validation for PARAM_AREA.
|
|
|
909 |
*
|
|
|
910 |
* @param mixed $param
|
|
|
911 |
* @return string
|
|
|
912 |
*/
|
|
|
913 |
protected function clean_param_value_area(mixed $param): string {
|
|
|
914 |
// We do not want any guessing here, either the name is correct or not.
|
|
|
915 |
if (!is_valid_plugin_name($param)) {
|
|
|
916 |
return '';
|
|
|
917 |
}
|
|
|
918 |
return $param;
|
|
|
919 |
}
|
|
|
920 |
|
|
|
921 |
/**
|
|
|
922 |
* Validation for PARAM_SAFEDIR
|
|
|
923 |
*
|
|
|
924 |
* @param mixed $param
|
|
|
925 |
* @return string
|
|
|
926 |
*/
|
|
|
927 |
protected function clean_param_value_safedir(mixed $param): string {
|
|
|
928 |
// Remove everything not a-zA-Z0-9_- .
|
|
|
929 |
return preg_replace('/[^a-zA-Z0-9_-]/i', '', (string)$param);
|
|
|
930 |
}
|
|
|
931 |
|
|
|
932 |
/**
|
|
|
933 |
* Validation for PARAM_SAFEPATH.
|
|
|
934 |
*
|
|
|
935 |
* @param mixed $param
|
|
|
936 |
* @return string
|
|
|
937 |
*/
|
|
|
938 |
protected function clean_param_value_safepath(mixed $param): string {
|
|
|
939 |
// Remove everything not a-zA-Z0-9/_- .
|
|
|
940 |
return preg_replace('/[^a-zA-Z0-9\/_-]/i', '', (string)$param);
|
|
|
941 |
}
|
|
|
942 |
|
|
|
943 |
/**
|
|
|
944 |
* Validation for PARAM_FILE.
|
|
|
945 |
*
|
|
|
946 |
* @param mixed $param
|
|
|
947 |
* @return string
|
|
|
948 |
*/
|
|
|
949 |
protected function clean_param_value_file(mixed $param): string {
|
|
|
950 |
// Strip all suspicious characters from filename.
|
|
|
951 |
$param = (string)fix_utf8($param);
|
|
|
952 |
// phpcs:ignore moodle.Strings.ForbiddenStrings.Found
|
|
|
953 |
$param = preg_replace('~[[:cntrl:]]|[&<>"`\|\':\\\\/]~u', '', $param);
|
|
|
954 |
if ($param === '.' || $param === '..') {
|
|
|
955 |
$param = '';
|
|
|
956 |
}
|
|
|
957 |
return $param;
|
|
|
958 |
}
|
|
|
959 |
|
|
|
960 |
/**
|
|
|
961 |
* Validation for PARAM_PATH.
|
|
|
962 |
*
|
|
|
963 |
* @param mixed $param
|
|
|
964 |
* @return string
|
|
|
965 |
*/
|
|
|
966 |
protected function clean_param_value_path(mixed $param): string {
|
|
|
967 |
// Strip all suspicious characters from file path.
|
|
|
968 |
$param = (string)fix_utf8($param);
|
|
|
969 |
$param = str_replace('\\', '/', $param);
|
|
|
970 |
|
|
|
971 |
// Explode the path and clean each element using the PARAM_FILE rules.
|
|
|
972 |
$breadcrumb = explode('/', $param);
|
|
|
973 |
foreach ($breadcrumb as $key => $crumb) {
|
|
|
974 |
if ($crumb === '.' && $key === 0) {
|
|
|
975 |
// Special condition to allow for relative current path such as ./currentdirfile.txt.
|
|
|
976 |
} else {
|
|
|
977 |
$crumb = clean_param($crumb, PARAM_FILE);
|
|
|
978 |
}
|
|
|
979 |
$breadcrumb[$key] = $crumb;
|
|
|
980 |
}
|
|
|
981 |
$param = implode('/', $breadcrumb);
|
|
|
982 |
|
|
|
983 |
// Remove multiple current path (./././) and multiple slashes (///).
|
|
|
984 |
$param = preg_replace('~//+~', '/', $param);
|
|
|
985 |
$param = preg_replace('~/(\./)+~', '/', $param);
|
|
|
986 |
return $param;
|
|
|
987 |
}
|
|
|
988 |
|
|
|
989 |
/**
|
|
|
990 |
* Validation for PARAM_HOST.
|
|
|
991 |
*
|
|
|
992 |
* @param mixed $param
|
|
|
993 |
* @return string
|
|
|
994 |
*/
|
|
|
995 |
protected function clean_param_value_host(mixed $param): string {
|
|
|
996 |
// Allow FQDN or IPv4 dotted quad.
|
|
|
997 |
if (!ip_utils::is_domain_name($param) && !ip_utils::is_ipv4_address($param)) {
|
|
|
998 |
$param = '';
|
|
|
999 |
}
|
|
|
1000 |
return $param;
|
|
|
1001 |
}
|
|
|
1002 |
|
|
|
1003 |
/**
|
|
|
1004 |
* Validation for PARAM_URL.
|
|
|
1005 |
*
|
|
|
1006 |
* @param mixed $param
|
|
|
1007 |
* @return string
|
|
|
1008 |
*/
|
|
|
1009 |
protected function clean_param_value_url(mixed $param): string {
|
|
|
1010 |
global $CFG;
|
|
|
1011 |
|
|
|
1012 |
// Allow safe urls.
|
|
|
1013 |
$param = (string)fix_utf8($param);
|
|
|
1014 |
include_once($CFG->dirroot . '/lib/validateurlsyntax.php');
|
|
|
1015 |
if (!empty($param) && validateUrlSyntax($param, 's?H?S?F?E-u-P-a?I?p?f?q?r?')) {
|
|
|
1016 |
// All is ok, param is respected.
|
|
|
1017 |
} else {
|
|
|
1018 |
// Not really ok.
|
|
|
1019 |
$param = '';
|
|
|
1020 |
}
|
|
|
1021 |
return $param;
|
|
|
1022 |
}
|
|
|
1023 |
|
|
|
1024 |
/**
|
|
|
1025 |
* Validation for PARAM_LOCALURL.
|
|
|
1026 |
*
|
|
|
1027 |
* @param mixed $param
|
|
|
1028 |
* @return string
|
|
|
1029 |
*/
|
|
|
1030 |
protected function clean_param_value_localurl(mixed $param): string {
|
|
|
1031 |
global $CFG;
|
|
|
1032 |
|
|
|
1033 |
// Allow http absolute, root relative and relative URLs within wwwroot.
|
|
|
1034 |
$param = clean_param($param, PARAM_URL);
|
|
|
1035 |
if (!empty($param)) {
|
|
|
1036 |
if ($param === $CFG->wwwroot) {
|
|
|
1037 |
// Exact match.
|
|
|
1038 |
} else if (preg_match(':^/:', $param)) {
|
|
|
1039 |
// Root-relative, ok!
|
|
|
1040 |
} else if (preg_match('/^' . preg_quote($CFG->wwwroot . '/', '/') . '/i', $param)) {
|
|
|
1041 |
// Absolute, and matches our wwwroot.
|
|
|
1042 |
} else {
|
|
|
1043 |
// Relative - let's make sure there are no tricks.
|
|
|
1044 |
if (validateUrlSyntax('/' . $param, 's-u-P-a-p-f+q?r?') && !preg_match('/javascript:/i', $param)) {
|
|
|
1045 |
// Looks ok.
|
|
|
1046 |
} else {
|
|
|
1047 |
$param = '';
|
|
|
1048 |
}
|
|
|
1049 |
}
|
|
|
1050 |
}
|
|
|
1051 |
return $param;
|
|
|
1052 |
}
|
|
|
1053 |
|
|
|
1054 |
/**
|
|
|
1055 |
* Validation for PARAM_PEM.
|
|
|
1056 |
*
|
|
|
1057 |
* @param mixed $param
|
|
|
1058 |
* @return string
|
|
|
1059 |
*/
|
|
|
1060 |
protected function clean_param_value_pem(mixed $param): string {
|
|
|
1061 |
$param = trim((string)$param);
|
|
|
1062 |
// PEM formatted strings may contain letters/numbers and the symbols:
|
|
|
1063 |
// - forward slash: /
|
|
|
1064 |
// - plus sign: +
|
|
|
1065 |
// - equal sign: =
|
|
|
1066 |
// - , surrounded by BEGIN and END CERTIFICATE prefix and suffixes.
|
|
|
1067 |
if (preg_match('/^-----BEGIN CERTIFICATE-----([\s\w\/\+=]+)-----END CERTIFICATE-----$/', trim($param), $matches)) {
|
|
|
1068 |
[$wholething, $body] = $matches;
|
|
|
1069 |
unset($wholething, $matches);
|
|
|
1070 |
$b64 = clean_param($body, PARAM_BASE64);
|
|
|
1071 |
if (!empty($b64)) {
|
|
|
1072 |
return "-----BEGIN CERTIFICATE-----\n$b64\n-----END CERTIFICATE-----\n";
|
|
|
1073 |
} else {
|
|
|
1074 |
return '';
|
|
|
1075 |
}
|
|
|
1076 |
}
|
|
|
1077 |
return '';
|
|
|
1078 |
}
|
|
|
1079 |
|
|
|
1080 |
/**
|
|
|
1081 |
* Validation for PARAM_BASE64.
|
|
|
1082 |
*
|
|
|
1083 |
* @param mixed $param
|
|
|
1084 |
* @return string
|
|
|
1085 |
*/
|
|
|
1086 |
protected function clean_param_value_base64(mixed $param): string {
|
|
|
1087 |
if (!empty($param)) {
|
|
|
1088 |
// PEM formatted strings may contain letters/numbers and the symbols
|
|
|
1089 |
// - forward slash: /
|
|
|
1090 |
// - plus sign: +
|
|
|
1091 |
// - equal sign: =.
|
|
|
1092 |
if (0 >= preg_match('/^([\s\w\/\+=]+)$/', trim($param))) {
|
|
|
1093 |
return '';
|
|
|
1094 |
}
|
|
|
1095 |
$lines = preg_split('/[\s]+/', $param, -1, PREG_SPLIT_NO_EMPTY);
|
|
|
1096 |
// Each line of base64 encoded data must be 64 characters in length, except for the last line which may be less
|
|
|
1097 |
// than (or equal to) 64 characters long.
|
|
|
1098 |
for ($i = 0, $j = count($lines); $i < $j; $i++) {
|
|
|
1099 |
if ($i + 1 == $j) {
|
|
|
1100 |
if (64 < strlen($lines[$i])) {
|
|
|
1101 |
return '';
|
|
|
1102 |
}
|
|
|
1103 |
continue;
|
|
|
1104 |
}
|
|
|
1105 |
|
|
|
1106 |
if (64 != strlen($lines[$i])) {
|
|
|
1107 |
return '';
|
|
|
1108 |
}
|
|
|
1109 |
}
|
|
|
1110 |
return implode("\n", $lines);
|
|
|
1111 |
} else {
|
|
|
1112 |
return '';
|
|
|
1113 |
}
|
|
|
1114 |
}
|
|
|
1115 |
|
|
|
1116 |
/**
|
|
|
1117 |
* Validation for PARAM_TAG.
|
|
|
1118 |
*
|
|
|
1119 |
* @param mixed $param
|
|
|
1120 |
* @return string
|
|
|
1121 |
*/
|
|
|
1122 |
protected function clean_param_value_tag(mixed $param): string {
|
|
|
1123 |
$param = (string)fix_utf8($param);
|
|
|
1124 |
// Please note it is not safe to use the tag name directly anywhere,
|
|
|
1125 |
// it must be processed with s(), urlencode() before embedding anywhere.
|
|
|
1126 |
// Remove some nasties.
|
|
|
1127 |
// phpcs:ignore moodle.Strings.ForbiddenStrings.Found
|
|
|
1128 |
$param = preg_replace('~[[:cntrl:]]|[<>`]~u', '', $param);
|
|
|
1129 |
// Convert many whitespace chars into one.
|
|
|
1130 |
$param = preg_replace('/\s+/u', ' ', $param);
|
|
|
1131 |
$param = core_text::substr(trim($param), 0, TAG_MAX_LENGTH);
|
|
|
1132 |
return $param;
|
|
|
1133 |
}
|
|
|
1134 |
|
|
|
1135 |
/**
|
|
|
1136 |
* Validation for PARAM_TAGLIST.
|
|
|
1137 |
*
|
|
|
1138 |
* @param mixed $param
|
|
|
1139 |
* @return string
|
|
|
1140 |
*/
|
|
|
1141 |
protected function clean_param_value_taglist(mixed $param): string {
|
|
|
1142 |
$param = (string)fix_utf8($param);
|
|
|
1143 |
$tags = explode(',', $param);
|
|
|
1144 |
$result = [];
|
|
|
1145 |
foreach ($tags as $tag) {
|
|
|
1146 |
$res = clean_param($tag, PARAM_TAG);
|
|
|
1147 |
if ($res !== '') {
|
|
|
1148 |
$result[] = $res;
|
|
|
1149 |
}
|
|
|
1150 |
}
|
|
|
1151 |
if ($result) {
|
|
|
1152 |
return implode(',', $result);
|
|
|
1153 |
} else {
|
|
|
1154 |
return '';
|
|
|
1155 |
}
|
|
|
1156 |
}
|
|
|
1157 |
|
|
|
1158 |
/**
|
|
|
1159 |
* Validation for PARAM_CAPABILITY.
|
|
|
1160 |
*
|
|
|
1161 |
* @param mixed $param
|
|
|
1162 |
* @return string
|
|
|
1163 |
*/
|
|
|
1164 |
protected function clean_param_value_capability(mixed $param): string {
|
|
|
1165 |
if (get_capability_info($param)) {
|
|
|
1166 |
return $param;
|
|
|
1167 |
} else {
|
|
|
1168 |
return '';
|
|
|
1169 |
}
|
|
|
1170 |
}
|
|
|
1171 |
|
|
|
1172 |
/**
|
|
|
1173 |
* Validation for PARAM_PERMISSION.
|
|
|
1174 |
*
|
|
|
1175 |
* @param mixed $param
|
|
|
1176 |
* @return int
|
|
|
1177 |
*/
|
|
|
1178 |
protected function clean_param_value_permission(mixed $param): int {
|
|
|
1179 |
$param = (int)$param;
|
|
|
1180 |
if (in_array($param, [CAP_INHERIT, CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT])) {
|
|
|
1181 |
return $param;
|
|
|
1182 |
} else {
|
|
|
1183 |
return CAP_INHERIT;
|
|
|
1184 |
}
|
|
|
1185 |
}
|
|
|
1186 |
|
|
|
1187 |
/**
|
|
|
1188 |
* Validation for PARAM_AUTH.
|
|
|
1189 |
*
|
|
|
1190 |
* @param mixed $param
|
|
|
1191 |
* @return string
|
|
|
1192 |
*/
|
|
|
1193 |
protected function clean_param_value_auth(mixed $param): string {
|
|
|
1194 |
$param = clean_param($param, PARAM_PLUGIN);
|
|
|
1195 |
if (empty($param)) {
|
|
|
1196 |
return '';
|
|
|
1197 |
} else if (exists_auth_plugin($param)) {
|
|
|
1198 |
return $param;
|
|
|
1199 |
} else {
|
|
|
1200 |
return '';
|
|
|
1201 |
}
|
|
|
1202 |
}
|
|
|
1203 |
|
|
|
1204 |
/**
|
|
|
1205 |
* Validation for PARAM_LANG.
|
|
|
1206 |
*
|
|
|
1207 |
* @param mixed $param
|
|
|
1208 |
* @return string
|
|
|
1209 |
*/
|
|
|
1210 |
protected function clean_param_value_lang(mixed $param): string {
|
|
|
1211 |
$param = clean_param($param, PARAM_SAFEDIR);
|
|
|
1212 |
if (get_string_manager()->translation_exists($param)) {
|
|
|
1213 |
return $param;
|
|
|
1214 |
} else {
|
|
|
1215 |
// Specified language is not installed or param malformed.
|
|
|
1216 |
return '';
|
|
|
1217 |
}
|
|
|
1218 |
}
|
|
|
1219 |
|
|
|
1220 |
/**
|
|
|
1221 |
* Validation for PARAM_THEME.
|
|
|
1222 |
*
|
|
|
1223 |
* @param mixed $param
|
|
|
1224 |
* @return string
|
|
|
1225 |
*/
|
|
|
1226 |
protected function clean_param_value_theme(mixed $param): string {
|
|
|
1227 |
global $CFG;
|
|
|
1228 |
|
|
|
1229 |
$param = clean_param($param, PARAM_PLUGIN);
|
|
|
1230 |
if (empty($param)) {
|
|
|
1231 |
return '';
|
|
|
1232 |
} else if (file_exists("$CFG->dirroot/theme/$param/config.php")) {
|
|
|
1233 |
return $param;
|
|
|
1234 |
} else if (!empty($CFG->themedir) && file_exists("$CFG->themedir/$param/config.php")) {
|
|
|
1235 |
return $param;
|
|
|
1236 |
} else {
|
|
|
1237 |
// Specified theme is not installed.
|
|
|
1238 |
return '';
|
|
|
1239 |
}
|
|
|
1240 |
}
|
|
|
1241 |
|
|
|
1242 |
/**
|
|
|
1243 |
* Validation for PARAM_USERNAME.
|
|
|
1244 |
*
|
|
|
1245 |
* @param mixed $param
|
|
|
1246 |
* @return string
|
|
|
1247 |
*/
|
|
|
1248 |
protected function clean_param_value_username(mixed $param): string {
|
|
|
1249 |
global $CFG;
|
|
|
1250 |
|
|
|
1251 |
$param = (string)fix_utf8($param);
|
|
|
1252 |
$param = trim($param);
|
|
|
1253 |
// Convert uppercase to lowercase MDL-16919.
|
|
|
1254 |
$param = core_text::strtolower($param);
|
|
|
1255 |
if (empty($CFG->extendedusernamechars)) {
|
|
|
1256 |
$param = str_replace(" ", "", $param);
|
|
|
1257 |
// Regular expression, eliminate all chars EXCEPT:
|
|
|
1258 |
// alphanum, dash (-), underscore (_), at sign (@) and period (.) characters.
|
|
|
1259 |
$param = preg_replace('/[^-\.@_a-z0-9]/', '', $param);
|
|
|
1260 |
}
|
|
|
1261 |
return $param;
|
|
|
1262 |
}
|
|
|
1263 |
|
|
|
1264 |
/**
|
|
|
1265 |
* Validation for PARAM_EMAIL.
|
|
|
1266 |
*
|
|
|
1267 |
* @param mixed $param
|
|
|
1268 |
* @return string
|
|
|
1269 |
*/
|
|
|
1270 |
protected function clean_param_value_email(mixed $param): string {
|
|
|
1271 |
$param = fix_utf8($param);
|
|
|
1272 |
if (validate_email($param ?? '')) {
|
|
|
1273 |
return $param;
|
|
|
1274 |
} else {
|
|
|
1275 |
return '';
|
|
|
1276 |
}
|
|
|
1277 |
}
|
|
|
1278 |
|
|
|
1279 |
/**
|
|
|
1280 |
* Validation for PARAM_STRINGID.
|
|
|
1281 |
*
|
|
|
1282 |
* @param mixed $param
|
|
|
1283 |
* @return string
|
|
|
1284 |
*/
|
|
|
1285 |
protected function clean_param_value_stringid(mixed $param): string {
|
|
|
1286 |
if (preg_match('|^[a-zA-Z][a-zA-Z0-9\.:/_-]*$|', (string)$param)) {
|
|
|
1287 |
return $param;
|
|
|
1288 |
} else {
|
|
|
1289 |
return '';
|
|
|
1290 |
}
|
|
|
1291 |
}
|
|
|
1292 |
|
|
|
1293 |
/**
|
|
|
1294 |
* Validation for PARAM_TIMEZONE.
|
|
|
1295 |
*
|
|
|
1296 |
* @param mixed $param
|
|
|
1297 |
* @return string
|
|
|
1298 |
*/
|
|
|
1299 |
protected function clean_param_value_timezone(mixed $param): string {
|
|
|
1300 |
// Can be int, float(with .5 or .0) or string seperated by '/' and can have '-_'.
|
|
|
1301 |
$param = (string)fix_utf8($param);
|
|
|
1302 |
$timezonepattern = '/^(([+-]?(0?[0-9](\.[5|0])?|1[0-3](\.0)?|1[0-2]\.5))|(99)|[[:alnum:]]+(\/?[[:alpha:]_-])+)$/';
|
|
|
1303 |
if (preg_match($timezonepattern, $param)) {
|
|
|
1304 |
return $param;
|
|
|
1305 |
} else {
|
|
|
1306 |
return '';
|
|
|
1307 |
}
|
|
|
1308 |
}
|
|
|
1309 |
|
|
|
1310 |
/**
|
|
|
1311 |
* Whether the parameter is deprecated.
|
|
|
1312 |
*
|
|
|
1313 |
* @return bool
|
|
|
1314 |
*/
|
|
|
1315 |
public function is_deprecated(): bool {
|
|
|
1316 |
return deprecation::is_deprecated($this);
|
|
|
1317 |
}
|
|
|
1318 |
}
|