xref: /webtrees/app/Validator.php (revision 73d58381388d199b1beb6f2a613b98f25617f706) 
1<?php
2
3/**
4 * webtrees: online genealogy
5 * Copyright (C) 2021 webtrees development team
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <https://www.gnu.org/licenses/>.
16 */
17
18declare(strict_types=1);
19
20namespace Fisharebest\Webtrees;
21
22use Closure;
23use Fisharebest\Webtrees\Http\Exceptions\HttpBadRequestException;
24use LogicException;
25use Psr\Http\Message\ServerRequestInterface;
26
27use function array_reduce;
28use function ctype_digit;
29use function gettype;
30use function is_array;
31use function is_int;
32use function is_string;
33use function parse_url;
34use function preg_match;
35use function str_starts_with;
36
37/**
38 * Validate a parameter from an HTTP request
39 */
40class Validator
41{
42    /** @var array<string|array<string>> */
43    private array $parameters;
44
45    /** @var array<Closure> */
46    private array $rules = [];
47
48    /**
49     * @param array<string|array<string>> $parameters
50     */
51    public function __construct(array $parameters)
52    {
53        $this->parameters = $parameters;
54    }
55
56    /**
57     * @param ServerRequestInterface $request
58     *
59     * @return self
60     */
61    public static function parsedBody(ServerRequestInterface $request): self
62    {
63        return new self((array) $request->getParsedBody());
64    }
65
66    /**
67     * @param ServerRequestInterface $request
68     *
69     * @return self
70     */
71    public static function queryParams(ServerRequestInterface $request): self
72    {
73        return new self($request->getQueryParams());
74    }
75
76    /**
77     * @param int $minimum
78     * @param int $maximum
79     *
80     * @return self
81     */
82    public function isBetween(int $minimum, int $maximum): self
83    {
84        $this->rules[] = static function ($value) use ($minimum, $maximum): ?int {
85            if (is_int($value)) {
86                if ($value >= $minimum && $value <= $maximum) {
87                    return $value;
88                }
89
90                return null;
91            }
92
93            if ($value === null) {
94                return null;
95            }
96
97            throw new LogicException(__METHOD__ . ' does not accept ' . gettype($value));
98        };
99
100        return $this;
101    }
102
103    /**
104     * @param string $base_url
105     *
106     * @return $this
107     */
108    public function isLocalUrl(string $base_url): self
109    {
110        $this->rules[] = static function ($value) use ($base_url): ?string {
111            if ($value === null) {
112                return null;
113            }
114
115            if (is_string($value)) {
116                $value_info    = parse_url($value);
117                $base_url_info = parse_url($base_url);
118
119                if (!is_array($base_url_info)) {
120                    throw new LogicException(__METHOD__ . ' needs a valid URL');
121                }
122
123                if (is_array($value_info)) {
124                    $scheme_ok = ($value_info['scheme'] ?? 'http') === ($base_url_info['scheme'] ?? 'http');
125                    $host_ok   = ($value_info['host'] ?? '') === ($base_url_info['host'] ?? '');
126                    $port_ok   = ($value_info['port'] ?? '') === ($base_url_info['port'] ?? '');
127                    $user_ok   = ($value_info['user'] ?? '') === ($base_url_info['user'] ?? '');
128                    $path_ok   = str_starts_with($value_info['path'] ?? '/', $base_url_info['path'] ?? '/');
129
130                    if ($scheme_ok && $host_ok && $port_ok && $user_ok && $path_ok) {
131                        return $value;
132                    }
133                }
134
135                return null;
136            }
137
138            throw new LogicException(__METHOD__ . ' does not accept ' . gettype($value));
139        };
140
141        return $this;
142    }
143
144    /**
145     * @return $this
146     */
147    public function isXref(): self
148    {
149        $this->rules[] = static function ($value) {
150            if (is_string($value)) {
151                if (preg_match('/^' . Gedcom::REGEX_XREF . '$/', $value) === 1) {
152                    return $value;
153                }
154
155                return null;
156            }
157
158            if (is_array($value)) {
159                foreach ($value as $item) {
160                    if (preg_match('/^' . Gedcom::REGEX_XREF . '$/', $item) !== 1) {
161                        return null;
162                    }
163                }
164
165                return $value;
166            }
167
168            if ($value === null) {
169                return null;
170            }
171
172            throw new LogicException(__METHOD__ . ' does not accept ' . gettype($value));
173        };
174
175        return $this;
176    }
177
178    /**
179     * @param string $parameter
180     *
181     * @return array<string>|null
182     */
183    public function array(string $parameter): ?array
184    {
185        $value = $this->parameters[$parameter] ?? null;
186
187        if (!is_array($value)) {
188            $value = null;
189        }
190
191        return array_reduce($this->rules, static fn ($value, $rule) => $rule($value), $value);
192    }
193
194    /**
195     * @param string $parameter
196     *
197     * @return int|null
198     */
199    public function integer(string $parameter): ?int
200    {
201        $value = $this->parameters[$parameter] ?? null;
202
203        if (is_string($value) && ctype_digit($value)) {
204            $value = (int) $value;
205        } else {
206            $value = null;
207        }
208
209        return array_reduce($this->rules, static fn ($value, $rule) => $rule($value), $value);
210    }
211
212    /**
213     * @param string $parameter
214     *
215     * @return string|null
216     */
217    public function string(string $parameter): ?string
218    {
219        $value = $this->parameters[$parameter] ?? null;
220
221        if (!is_string($value)) {
222            $value = null;
223        }
224
225        return array_reduce($this->rules, static fn ($value, $rule) => $rule($value), $value);
226    }
227
228    /**
229     * @param string $parameter
230     *
231     * @return array<string>
232     */
233    public function requiredArray(string $parameter): array
234    {
235        $value = $this->array($parameter);
236
237        if (is_array($value)) {
238            return $value;
239        }
240
241        throw new HttpBadRequestException(I18N::translate('The parameter “%s” is missing.', $parameter));
242    }
243
244    /**
245     * @param string $parameter
246     *
247     * @return int
248     */
249    public function requiredInteger(string $parameter): int
250    {
251        $value = $this->integer($parameter);
252
253        if (is_int($value)) {
254            return $value;
255        }
256
257        throw new HttpBadRequestException(I18N::translate('The parameter “%s” is missing.', $parameter));
258    }
259
260    /**
261     * @param string $parameter
262     *
263     * @return string
264     */
265    public function requiredString(string $parameter): string
266    {
267        $value = $this->string($parameter);
268
269        if (is_string($value)) {
270            return $value;
271        }
272
273        throw new HttpBadRequestException(I18N::translate('The parameter “%s” is missing.', $parameter));
274    }
275}
276