mirror of
https://github.com/pierre42100/ComunicAPI
synced 2024-12-25 13:08:58 +00:00
Can get and check a user domain directory validity from a $_POST request
This commit is contained in:
parent
f2a5477f12
commit
37d21ee6c3
@ -444,4 +444,47 @@ function save_post_image(string $fieldName, int $userID, string $folder, int $ma
|
||||
//Return image path
|
||||
return $target_file_path;
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Check a user directory validity
|
||||
*
|
||||
* @param string $directory The directory to check
|
||||
* @return bool TRUE if the domain seems to be valid / FALSE else
|
||||
*/
|
||||
function checkUserDirectoryValidity(string $directory) : bool {
|
||||
|
||||
//Check domain length
|
||||
if(strlen($directory) < 4)
|
||||
return FALSE;
|
||||
|
||||
//Check if the domain contains forbidden characters
|
||||
if(str_replace(array(".html", ".txt", ".php", "à", "â", "é", "ê", "@", "/", "\"", "'", '"'), "", $directory) != $directory)
|
||||
return FALSE;
|
||||
|
||||
//If we get there, the domain is valid
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a user post directory from a $_POST request and transform it to make it SQL-safe
|
||||
*
|
||||
* @param string $name The name of the $_POST Request
|
||||
* @return string The user virtual directory, safe for saving
|
||||
* @throws RESTException If the directory is missing, or invalid
|
||||
*/
|
||||
function getPostUserDirectory(string $name) : string {
|
||||
|
||||
//Check if the $_POST variable exists or not
|
||||
if(!isset($_POST[$name]))
|
||||
Rest_fatal_error(400, "Please specify a user directory in '".$name."'!");
|
||||
$directory = (string) $_POST[$name];
|
||||
|
||||
//Check domain validity
|
||||
if(!checkUserDirectoryValidity($directory))
|
||||
Rest_fatal_error(401, "Specified directory seems to be invalid!");
|
||||
|
||||
//Return the directory
|
||||
return $name;
|
||||
|
||||
}
|
Loading…
Reference in New Issue
Block a user