]>
Commit | Line | Data |
---|---|---|
d4949327 NL |
1 | <?php\r |
2 | \r | |
3 | /**\r | |
4 | * Validates an IPv6 address.\r | |
5 | * @author Feyd @ forums.devnetwork.net (public domain)\r | |
6 | * @note This function requires brackets to have been removed from address\r | |
7 | * in URI.\r | |
8 | */\r | |
9 | class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4\r | |
10 | {\r | |
11 | \r | |
12 | /**\r | |
13 | * @param string $aIP\r | |
14 | * @param HTMLPurifier_Config $config\r | |
15 | * @param HTMLPurifier_Context $context\r | |
16 | * @return bool|string\r | |
17 | */\r | |
18 | public function validate($aIP, $config, $context)\r | |
19 | {\r | |
20 | if (!$this->ip4) {\r | |
21 | $this->_loadRegex();\r | |
22 | }\r | |
23 | \r | |
24 | $original = $aIP;\r | |
25 | \r | |
26 | $hex = '[0-9a-fA-F]';\r | |
27 | $blk = '(?:' . $hex . '{1,4})';\r | |
28 | $pre = '(?:/(?:12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))'; // /0 - /128\r | |
29 | \r | |
30 | // prefix check\r | |
31 | if (strpos($aIP, '/') !== false) {\r | |
32 | if (preg_match('#' . $pre . '$#s', $aIP, $find)) {\r | |
33 | $aIP = substr($aIP, 0, 0 - strlen($find[0]));\r | |
34 | unset($find);\r | |
35 | } else {\r | |
36 | return false;\r | |
37 | }\r | |
38 | }\r | |
39 | \r | |
40 | // IPv4-compatiblity check\r | |
41 | if (preg_match('#(?<=:' . ')' . $this->ip4 . '$#s', $aIP, $find)) {\r | |
42 | $aIP = substr($aIP, 0, 0 - strlen($find[0]));\r | |
43 | $ip = explode('.', $find[0]);\r | |
44 | $ip = array_map('dechex', $ip);\r | |
45 | $aIP .= $ip[0] . $ip[1] . ':' . $ip[2] . $ip[3];\r | |
46 | unset($find, $ip);\r | |
47 | }\r | |
48 | \r | |
49 | // compression check\r | |
50 | $aIP = explode('::', $aIP);\r | |
51 | $c = count($aIP);\r | |
52 | if ($c > 2) {\r | |
53 | return false;\r | |
54 | } elseif ($c == 2) {\r | |
55 | list($first, $second) = $aIP;\r | |
56 | $first = explode(':', $first);\r | |
57 | $second = explode(':', $second);\r | |
58 | \r | |
59 | if (count($first) + count($second) > 8) {\r | |
60 | return false;\r | |
61 | }\r | |
62 | \r | |
63 | while (count($first) < 8) {\r | |
64 | array_push($first, '0');\r | |
65 | }\r | |
66 | \r | |
67 | array_splice($first, 8 - count($second), 8, $second);\r | |
68 | $aIP = $first;\r | |
69 | unset($first, $second);\r | |
70 | } else {\r | |
71 | $aIP = explode(':', $aIP[0]);\r | |
72 | }\r | |
73 | $c = count($aIP);\r | |
74 | \r | |
75 | if ($c != 8) {\r | |
76 | return false;\r | |
77 | }\r | |
78 | \r | |
79 | // All the pieces should be 16-bit hex strings. Are they?\r | |
80 | foreach ($aIP as $piece) {\r | |
81 | if (!preg_match('#^[0-9a-fA-F]{4}$#s', sprintf('%04s', $piece))) {\r | |
82 | return false;\r | |
83 | }\r | |
84 | }\r | |
85 | return $original;\r | |
86 | }\r | |
87 | }\r | |
88 | \r | |
89 | // vim: et sw=4 sts=4\r |