begin bookmark model class with URL validation method

This commit is contained in:
Christian Weiske 2011-05-03 09:14:32 +02:00
parent 40b4674e47
commit 2077464d46
4 changed files with 119 additions and 0 deletions

View File

@ -462,6 +462,21 @@ $filetypes = array(
'video' => array('avi', 'mov', 'mp4', 'mpeg', 'mpg', 'wmv')
);
/**
* Link protocols that are allowed for newly added bookmarks.
* This prevents i.e. adding javascript: links.
*
* @link http://en.wikipedia.org/wiki/URI_scheme
*
* @var array
*/
$allowedProtocols = array(
'ftp', 'ftps',
'http', 'https',
'mailto', 'nntp',
'xmpp'
);
/**
* Enable the "common bookmark description" functionality
*

View File

@ -0,0 +1,38 @@
<?php
/**
* SemanticScuttle - your social bookmark manager.
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Christian Weiske <cweiske@cweiske.de>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
/**
* Bookmark model class, keeping the data of a single bookmark.
* It will slowly replace the old array style format.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Christian Weiske <cweiske@cweiske.de>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
class SemanticScuttle_Model_Bookmark
{
public static function isValidUrl($url)
{
$scheme = parse_url($url, PHP_URL_SCHEME);
if (array_search($scheme, $GLOBALS['allowedProtocols']) === false) {
return false;
}
return true;
}
}
?>

View File

@ -82,6 +82,7 @@ require_once 'SemanticScuttle/Service.php';
require_once 'SemanticScuttle/DbService.php';
require_once 'SemanticScuttle/Service/Factory.php';
require_once 'SemanticScuttle/functions.php';
require_once 'SemanticScuttle/Model/Bookmark.php';
require_once 'SemanticScuttle/Model/UserArray.php';
if (count($GLOBALS['serviceoverrides']) > 0

View File

@ -0,0 +1,65 @@
<?php
/**
* SemanticScuttle - your social bookmark manager.
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Christian Weiske <cweiske@cweiske.de>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
/**
* Unit tests for the SemanticScuttle Bookmark model
*
* @category Bookmarking
* @package SemanticScuttle
* @author Christian Weiske <cweiske@cweiske.de>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
class Model_BookmarkTest extends TestBase
{
public function testIsValidUrlValid()
{
$this->assertTrue(
SemanticScuttle_Model_Bookmark::isValidUrl(
'http://example.org/foo/bar?baz=foorina'
)
);
$this->assertTrue(
SemanticScuttle_Model_Bookmark::isValidUrl(
'https://example.org/'
)
);
$this->assertTrue(
SemanticScuttle_Model_Bookmark::isValidUrl(
'ftp://user:pass@example.org/'
)
);
$this->assertTrue(
SemanticScuttle_Model_Bookmark::isValidUrl(
'mailto:cweiske@example.org'
)
);
}
public function testIsValidUrlInvalid()
{
$this->assertFalse(
SemanticScuttle_Model_Bookmark::isValidUrl(
'javascript:alert("foo")'
)
);
$this->assertFalse(
SemanticScuttle_Model_Bookmark::isValidUrl(
'foo://example.org/foo/bar'
)
);
}
}
?>