xref: /webtrees/app/Validator.php (revision 2ebcf907ed34213f816592af04e6c160335d6311)
1<?php
2
3/**
4 * webtrees: online genealogy
5 * Copyright (C) 2021 webtrees development team
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <https://www.gnu.org/licenses/>.
16 */
17
18declare(strict_types=1);
19
20namespace Fisharebest\Webtrees;
21
22use Closure;
23use Fisharebest\Webtrees\Http\Exceptions\HttpBadRequestException;
24use LogicException;
25use Psr\Http\Message\ServerRequestInterface;
26
27use function array_reduce;
28use function ctype_digit;
29use function is_array;
30use function is_int;
31use function is_string;
32use function parse_url;
33use function preg_match;
34use function str_starts_with;
35
36/**
37 * Validate a parameter from an HTTP request
38 */
39class Validator
40{
41    /** @var array<string|array<string>> */
42    private array $parameters;
43
44    /** @var array<Closure> */
45    private array $rules = [];
46
47    /**
48     * @param array<string|array<string>> $parameters
49     */
50    public function __construct(array $parameters)
51    {
52        $this->parameters = $parameters;
53    }
54
55    /**
56     * @param ServerRequestInterface $request
57     *
58     * @return self
59     */
60    public static function parsedBody(ServerRequestInterface $request): self
61    {
62        return new self((array) $request->getParsedBody());
63    }
64
65    /**
66     * @param ServerRequestInterface $request
67     *
68     * @return self
69     */
70    public static function queryParams(ServerRequestInterface $request): self
71    {
72        return new self($request->getQueryParams());
73    }
74
75    /**
76     * @param int $minimum
77     * @param int $maximum
78     *
79     * @return self
80     */
81    public function isBetween(int $minimum, int $maximum): self
82    {
83        $this->rules[] = static function (?int $value) use ($minimum, $maximum): ?int {
84            if (is_int($value) && $value >= $minimum && $value <= $maximum) {
85                return $value;
86            }
87
88            return null;
89        };
90
91        return $this;
92    }
93
94    /**
95     * @param string $base_url
96     *
97     * @return $this
98     */
99    public function isLocalUrl(string $base_url): self
100    {
101        $this->rules[] = static function (?string $value) use ($base_url): ?string {
102            if (is_string($value)) {
103                $value_info    = parse_url($value);
104                $base_url_info = parse_url($base_url);
105
106                if (!is_array($base_url_info)) {
107                    throw new LogicException(__METHOD__ . ' needs a valid URL');
108                }
109
110                if (is_array($value_info)) {
111                    $scheme_ok = ($value_info['scheme'] ?? 'http') === ($base_url_info['scheme'] ?? 'http');
112                    $host_ok   = ($value_info['host'] ?? '') === ($base_url_info['host'] ?? '');
113                    $port_ok   = ($value_info['port'] ?? '') === ($base_url_info['port'] ?? '');
114                    $user_ok   = ($value_info['user'] ?? '') === ($base_url_info['user'] ?? '');
115                    $path_ok   = str_starts_with($value_info['path'] ?? '/', $base_url_info['path'] ?? '/');
116
117                    if ($scheme_ok && $host_ok && $port_ok && $user_ok && $path_ok) {
118                        return $value;
119                    }
120                }
121            }
122
123            return null;
124        };
125
126        return $this;
127    }
128
129    /**
130     * @return $this
131     */
132    public function isXref(): self
133    {
134        $this->rules[] = static function (?string $value): ?string {
135            if (is_string($value) && preg_match('/^' . Gedcom::REGEX_XREF . '$/', $value) === 1) {
136                return $value;
137            }
138
139            return null;
140        };
141
142        return $this;
143    }
144
145    /**
146     * @param string $parameter
147     *
148     * @return array<string>|null
149     */
150    public function array(string $parameter): ?array
151    {
152        $value = $this->parameters[$parameter] ?? null;
153
154        if (!is_array($value)) {
155            $value = null;
156        }
157
158        $callback = static fn (?array $value, Closure $rule): ?array => $rule($value);
159
160        return array_reduce($this->rules, $callback, $value);
161    }
162
163    /**
164     * @param string $parameter
165     *
166     * @return int|null
167     */
168    public function integer(string $parameter): ?int
169    {
170        $value = $this->parameters[$parameter] ?? null;
171
172        if (is_string($value) && ctype_digit($value)) {
173            $value = (int) $value;
174        } else {
175            $value = null;
176        }
177
178        $callback = static fn (?int $value, Closure $rule): ?int => $rule($value);
179
180        return array_reduce($this->rules, $callback, $value);
181    }
182
183    /**
184     * @param string $parameter
185     *
186     * @return string|null
187     */
188    public function string(string $parameter): ?string
189    {
190        $value = $this->parameters[$parameter] ?? null;
191
192        if (!is_string($value)) {
193            $value = null;
194        }
195
196        $callback = static fn (?string $value, Closure $rule): ?string => $rule($value);
197
198        return array_reduce($this->rules, $callback, $value);
199    }
200
201    /**
202     * @param string $parameter
203     *
204     * @return array<string>
205     */
206    public function requiredArray(string $parameter): array
207    {
208        $value = $this->array($parameter);
209
210        if ($value === null) {
211            throw new HttpBadRequestException(I18N::translate('The parameter “%s” is missing.', $parameter));
212        }
213
214        return $value;
215    }
216
217    /**
218     * @param string $parameter
219     *
220     * @return int
221     */
222    public function requiredInteger(string $parameter): int
223    {
224        $value = $this->integer($parameter);
225
226        if ($value === null) {
227            throw new HttpBadRequestException(I18N::translate('The parameter “%s” is missing.', $parameter));
228        }
229
230        return $value;
231    }
232
233    /**
234     * @param string $parameter
235     *
236     * @return string
237     */
238    public function requiredString(string $parameter): string
239    {
240        $value = $this->string($parameter);
241
242        if ($value === null) {
243            throw new HttpBadRequestException(I18N::translate('The parameter “%s” is missing.', $parameter));
244        }
245
246        return $value;
247    }
248}
249