UrlValidator.php 3.72 KB
Newer Older
w  
Qiang Xue committed
1 2 3
<?php
/**
 * @link http://www.yiiframework.com/
Qiang Xue committed
4
 * @copyright Copyright (c) 2008 Yii Software LLC
w  
Qiang Xue committed
5 6 7
 * @license http://www.yiiframework.com/license/
 */

w  
Qiang Xue committed
8 9
namespace yii\validators;

Qiang Xue committed
10
use Yii;
11 12 13
use yii\helpers\Html;
use yii\helpers\JsExpression;
use yii\helpers\Json;
Qiang Xue committed
14

w  
Qiang Xue committed
15
/**
w  
Qiang Xue committed
16
 * UrlValidator validates that the attribute value is a valid http or https URL.
w  
Qiang Xue committed
17 18
 *
 * @author Qiang Xue <qiang.xue@gmail.com>
w  
Qiang Xue committed
19
 * @since 2.0
w  
Qiang Xue committed
20
 */
w  
Qiang Xue committed
21
class UrlValidator extends Validator
w  
Qiang Xue committed
22 23 24
{
	/**
	 * @var string the regular expression used to validate the attribute value.
w  
Qiang Xue committed
25 26
	 * The pattern may contain a `{schemes}` token that will be replaced
	 * by a regular expression which represents the [[validSchemes]].
w  
Qiang Xue committed
27 28 29 30 31 32 33 34 35 36 37 38 39 40
	 */
	public $pattern = '/^{schemes}:\/\/(([A-Z0-9][A-Z0-9_-]*)(\.[A-Z0-9][A-Z0-9_-]*)+)/i';
	/**
	 * @var array list of URI schemes which should be considered valid. By default, http and https
	 * are considered to be valid schemes.
	 **/
	public $validSchemes = array('http', 'https');
	/**
	 * @var string the default URI scheme. If the input doesn't contain the scheme part, the default
	 * scheme will be prepended to it (thus changing the input). Defaults to null, meaning a URL must
	 * contain the scheme part.
	 **/
	public $defaultScheme;

Qiang Xue committed
41 42 43 44 45 46 47 48 49 50 51 52

	/**
	 * Initializes the validator.
	 */
	public function init()
	{
		parent::init();
		if ($this->message === null) {
			$this->message = Yii::t('yii|{attribute} is not a valid URL.');
		}
	}

w  
Qiang Xue committed
53 54 55
	/**
	 * Validates the attribute of the object.
	 * If there is any error, the error message is added to the object.
w  
Qiang Xue committed
56
	 * @param \yii\base\Model $object the object being validated
w  
Qiang Xue committed
57 58
	 * @param string $attribute the attribute being validated
	 */
w  
Qiang Xue committed
59
	public function validateAttribute($object, $attribute)
w  
Qiang Xue committed
60 61
	{
		$value = $object->$attribute;
Qiang Xue committed
62 63 64 65
		if ($this->validateValue($value)) {
			if ($this->defaultScheme !== null && strpos($value, '://') === false) {
				$object->$attribute = $this->defaultScheme . '://' . $value;
			}
Qiang Xue committed
66
		} else {
Qiang Xue committed
67
			$this->addError($object, $attribute, $this->message);
w  
Qiang Xue committed
68 69 70 71
		}
	}

	/**
Qiang Xue committed
72 73 74
	 * Validates the given value.
	 * @param mixed $value the value to be validated.
	 * @return boolean whether the value is valid.
w  
Qiang Xue committed
75 76 77
	 */
	public function validateValue($value)
	{
w  
Qiang Xue committed
78 79 80
		// make sure the length is limited to avoid DOS attacks
		if (is_string($value) && strlen($value) < 2000) {
			if ($this->defaultScheme !== null && strpos($value, '://') === false) {
w  
Qiang Xue committed
81
				$value = $this->defaultScheme . '://' . $value;
w  
Qiang Xue committed
82
			}
w  
Qiang Xue committed
83

w  
Qiang Xue committed
84
			if (strpos($this->pattern, '{schemes}') !== false) {
w  
Qiang Xue committed
85
				$pattern = str_replace('{schemes}', '(' . implode('|', $this->validSchemes) . ')', $this->pattern);
Qiang Xue committed
86
			} else {
w  
Qiang Xue committed
87
				$pattern = $this->pattern;
w  
Qiang Xue committed
88
			}
w  
Qiang Xue committed
89

w  
Qiang Xue committed
90
			if (preg_match($pattern, $value)) {
Qiang Xue committed
91
				return true;
w  
Qiang Xue committed
92
			}
w  
Qiang Xue committed
93 94 95 96 97 98
		}
		return false;
	}

	/**
	 * Returns the JavaScript needed for performing client-side validation.
w  
Qiang Xue committed
99
	 * @param \yii\base\Model $object the data object being validated
w  
Qiang Xue committed
100 101
	 * @param string $attribute the name of the attribute to be validated.
	 * @return string the client-side validation script.
Qiang Xue committed
102
	 * @see \yii\Web\ActiveForm::enableClientValidation
w  
Qiang Xue committed
103 104 105
	 */
	public function clientValidateAttribute($object, $attribute)
	{
Alexander Makarov committed
106
		if (strpos($this->pattern, '{schemes}') !== false) {
w  
Qiang Xue committed
107
			$pattern = str_replace('{schemes}', '(' . implode('|', $this->validSchemes) . ')', $this->pattern);
Alexander Makarov committed
108
		} else {
w  
Qiang Xue committed
109
			$pattern = $this->pattern;
Alexander Makarov committed
110
		}
w  
Qiang Xue committed
111

112 113 114 115 116 117 118
		$options = array(
			'pattern' => new JsExpression($pattern),
			'message' => Html::encode(strtr($this->message, array(
				'{attribute}' => $object->getAttributeLabel($attribute),
				'{value}' => $object->$attribute,
			))),
		);
Qiang Xue committed
119
		if ($this->skipOnEmpty) {
120 121 122 123
			$options['skipOnEmpty'] = 1;
		}
		if ($this->defaultScheme !== null) {
			$options['defaultScheme'] = $this->defaultScheme;
w  
Qiang Xue committed
124 125
		}

126
		return 'yii.validation.url(value, messages, ' . Json::encode($options) . ');';
w  
Qiang Xue committed
127 128 129
	}
}