mirror of
https://github.com/getnamingo/registry.git
synced 2025-05-17 10:06:59 +02:00
Pinga
parent
ef475600b3
commit
4fa1289334
6 changed files with 181 additions and 129 deletions
|
|
@ -157,63 +157,57 @@ class ContactsController extends Controller
|
|||
}
|
||||
|
||||
if ($postalInfoLocName) {
|
||||
if (!$postalInfoLocName) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to create contact: Missing loc contact name');
|
||||
return $response->withHeader('Location', '/contact/create')->withStatus(302);
|
||||
}
|
||||
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocName) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocName)) {
|
||||
if (!validateLocField($postalInfoLocName, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to create contact: Invalid loc contact name');
|
||||
return $response->withHeader('Location', '/contact/create')->withStatus(302);
|
||||
}
|
||||
|
||||
if ($postalInfoLocOrg) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocOrg) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocOrg)) {
|
||||
if (!validateLocField($postalInfoLocOrg, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to create contact: Invalid loc contact org');
|
||||
return $response->withHeader('Location', '/contact/create')->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocStreet1) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocStreet1) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocStreet1)) {
|
||||
if (!validateLocField($postalInfoLocStreet1, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to create contact: Invalid loc contact street');
|
||||
return $response->withHeader('Location', '/contact/create')->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocStreet2) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocStreet2) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocStreet2)) {
|
||||
if (!validateLocField($postalInfoLocStreet2, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to create contact: Invalid loc contact street 2');
|
||||
return $response->withHeader('Location', '/contact/create')->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocStreet3) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocStreet3) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocStreet3)) {
|
||||
if (!validateLocField($postalInfoLocStreet3, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to create contact: Invalid loc contact street 3');
|
||||
return $response->withHeader('Location', '/contact/create')->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if (preg_match('/(^\-)|(^\.)|(\-\-)|(\.\.)|(\.\-)|(\-\.)|(\-$)|(\.$)/', $postalInfoLocCity) || !preg_match('/^[a-z][a-z\-\.\s]{3,}$/i', $postalInfoLocCity)) {
|
||||
if (!validateLocField($postalInfoLocCity, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to create contact: Invalid loc contact city');
|
||||
return $response->withHeader('Location', '/contact/create')->withStatus(302);
|
||||
}
|
||||
|
||||
if ($postalInfoLocSp) {
|
||||
if (preg_match('/(^\-)|(^\.)|(\-\-)|(\.\.)|(\.\-)|(\-\.)|(\-$)|(\.$)/', $postalInfoLocSp) || !preg_match('/^[A-Z][a-zA-Z\-\.\s]{1,}$/', $postalInfoLocSp)) {
|
||||
if (!validateLocField($postalInfoLocSp, 2)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to create contact: Invalid loc contact state/province');
|
||||
return $response->withHeader('Location', '/contact/create')->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocPc) {
|
||||
if (preg_match('/(^\-)|(\-\-)|(\-$)/', $postalInfoLocPc) || !preg_match('/^[A-Z0-9\-\s]{3,}$/', $postalInfoLocPc)) {
|
||||
if (!validateLocField($postalInfoLocPc, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to create contact: Invalid loc contact postal code');
|
||||
return $response->withHeader('Location', '/contact/create')->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
$normalizedVoice = normalizePhoneNumber($voice, strtoupper($postalInfoIntCc));
|
||||
|
|
@ -273,6 +267,12 @@ class ContactsController extends Controller
|
|||
}
|
||||
}
|
||||
|
||||
// Check if either postalInfoIntName or postalInfoLocName exists
|
||||
if (!$postalInfoIntName && !$postalInfoLocName) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to create contact: At least one of the postal info types (INT or LOC) is required.');
|
||||
return $response->withHeader('Location', '/contact/create')->withStatus(302);
|
||||
}
|
||||
|
||||
try {
|
||||
$db->beginTransaction();
|
||||
$currentDateTime = new \DateTime();
|
||||
|
|
@ -298,6 +298,7 @@ class ContactsController extends Controller
|
|||
);
|
||||
$contact_id = $db->getLastInsertId();
|
||||
|
||||
if ($postalInfoIntName) {
|
||||
$db->insert(
|
||||
'contact_postalInfo',
|
||||
[
|
||||
|
|
@ -317,6 +318,7 @@ class ContactsController extends Controller
|
|||
'disclose_addr_int' => $disclose_addr_int
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
if ($postalInfoLocName) {
|
||||
$db->insert(
|
||||
|
|
@ -822,7 +824,7 @@ class ContactsController extends Controller
|
|||
$authInfo_pw = $data['authInfo'] ?? null;
|
||||
|
||||
if (!$identifier) {
|
||||
$this->container->get('flash')->addMessage('error', 'Please provide a contact ID');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Please provide a contact ID');
|
||||
return $response->withHeader('Location', '/contacts')->withStatus(302);
|
||||
}
|
||||
|
||||
|
|
@ -835,58 +837,58 @@ class ContactsController extends Controller
|
|||
|
||||
if ($postalInfoIntName) {
|
||||
if (!$postalInfoIntName) {
|
||||
$this->container->get('flash')->addMessage('error', 'Missing contact name');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Missing contact name');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoIntName) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoIntName)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid contact name');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid contact name');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
|
||||
if ($postalInfoIntOrg) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoIntOrg) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoIntOrg)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid contact org');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid contact org');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoIntStreet1) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoIntStreet1) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoIntStreet1)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid contact street');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid contact street');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoIntStreet2) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoIntStreet2) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoIntStreet2)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid contact street');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid contact street');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoIntStreet3) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoIntStreet3) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoIntStreet3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid contact street');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid contact street');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if (preg_match('/(^\-)|(^\.)|(\-\-)|(\.\.)|(\.\-)|(\-\.)|(\-$)|(\.$)/', $postalInfoIntCity) || !preg_match('/^[a-z][a-z\-\.\s]{3,}$/i', $postalInfoIntCity)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid contact city');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid contact city');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
|
||||
if ($postalInfoIntSp) {
|
||||
if (preg_match('/(^\-)|(^\.)|(\-\-)|(\.\.)|(\.\-)|(\-\.)|(\-$)|(\.$)/', $postalInfoIntSp) || !preg_match('/^[A-Z][a-zA-Z\-\.\s]{1,}$/', $postalInfoIntSp)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid contact state/province');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid contact state/province');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoIntPc) {
|
||||
if (preg_match('/(^\-)|(\-\-)|(\-$)/', $postalInfoIntPc) || !preg_match('/^[A-Z0-9\-\s]{3,}$/', $postalInfoIntPc)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid contact postal code');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid contact postal code');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
|
@ -894,92 +896,86 @@ class ContactsController extends Controller
|
|||
}
|
||||
|
||||
if ($postalInfoLocName) {
|
||||
if (!$postalInfoLocName) {
|
||||
$this->container->get('flash')->addMessage('error', 'Missing loc contact name');
|
||||
return $response->withHeader('Location', '/contacts')->withStatus(302);
|
||||
}
|
||||
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocName) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocName)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid loc contact name');
|
||||
if (!validateLocField($postalInfoLocName, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid loc contact name');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
|
||||
if ($postalInfoLocOrg) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocOrg) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocOrg)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid loc contact org');
|
||||
if (!validateLocField($postalInfoLocOrg, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid loc contact org');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocStreet1) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocStreet1) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocStreet1)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid loc contact street');
|
||||
if (!validateLocField($postalInfoLocStreet1, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid loc contact street');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocStreet2) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocStreet2) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocStreet2)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid loc contact street');
|
||||
if (!validateLocField($postalInfoLocStreet2, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid loc contact street 2');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocStreet3) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocStreet3) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocStreet3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid loc contact street');
|
||||
if (!validateLocField($postalInfoLocStreet3, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid loc contact street 3');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if (preg_match('/(^\-)|(^\.)|(\-\-)|(\.\.)|(\.\-)|(\-\.)|(\-$)|(\.$)/', $postalInfoLocCity) || !preg_match('/^[a-z][a-z\-\.\s]{3,}$/i', $postalInfoLocCity)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid loc contact city');
|
||||
if (!validateLocField($postalInfoLocCity, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid loc contact city');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
|
||||
if ($postalInfoLocSp) {
|
||||
if (preg_match('/(^\-)|(^\.)|(\-\-)|(\.\.)|(\.\-)|(\-\.)|(\-$)|(\.$)/', $postalInfoLocSp) || !preg_match('/^[A-Z][a-zA-Z\-\.\s]{1,}$/', $postalInfoLocSp)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid loc contact state/province');
|
||||
if (!validateLocField($postalInfoLocSp, 2)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid loc contact state/province');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocPc) {
|
||||
if (preg_match('/(^\-)|(\-\-)|(\-$)/', $postalInfoLocPc) || !preg_match('/^[A-Z0-9\-\s]{3,}$/', $postalInfoLocPc)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Invalid loc contact postal code');
|
||||
if (!validateLocField($postalInfoLocPc, 3)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Invalid loc contact postal code');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if ($voice && (!preg_match('/^\+\d{1,3}\.\d{1,14}$/', $voice) || strlen($voice) > 17)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Voice must be (\+[0-9]{1,3}\.[0-9]{1,14})');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Voice must be (\+[0-9]{1,3}\.[0-9]{1,14})');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
|
||||
if ($fax && (!preg_match('/^\+\d{1,3}\.\d{1,14}$/', $fax) || strlen($fax) > 17)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Fax must be (\+[0-9]{1,3}\.[0-9]{1,14})');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Fax must be (\+[0-9]{1,3}\.[0-9]{1,14})');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
|
||||
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Email address failed check');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Email address failed check');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
|
||||
if (!$authInfo_pw) {
|
||||
$this->container->get('flash')->addMessage('error', 'Email contact authinfo');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Email contact authinfo');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
|
||||
if ((strlen($authInfo_pw) < 6) || (strlen($authInfo_pw) > 16)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Password needs to be at least 6 and up to 16 characters long');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Password needs to be at least 6 and up to 16 characters long');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
|
||||
if (!preg_match('/[A-Z]/', $authInfo_pw)) {
|
||||
$this->container->get('flash')->addMessage('error', 'Password should have both upper and lower case characters');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: Password should have both upper and lower case characters');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
|
||||
|
|
@ -998,11 +994,17 @@ class ContactsController extends Controller
|
|||
$nin_type = (isset($data['isBusiness']) && $data['isBusiness'] === 'on') ? 'business' : 'personal';
|
||||
|
||||
if (!preg_match('/\d/', $nin)) {
|
||||
$this->container->get('flash')->addMessage('error', 'NIN should contain one or more numbers');
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: NIN should contain one or more numbers');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
}
|
||||
|
||||
// Check if either postalInfoIntName or postalInfoLocName exists
|
||||
if (!$postalInfoIntName && !$postalInfoLocName) {
|
||||
$this->container->get('flash')->addMessage('error', 'Unable to update contact: At least one of the postal info types (INT or LOC) is required.');
|
||||
return $response->withHeader('Location', '/contact/update/'.$identifier)->withStatus(302);
|
||||
}
|
||||
|
||||
try {
|
||||
$db->beginTransaction();
|
||||
$currentDateTime = new \DateTime();
|
||||
|
|
@ -1032,10 +1034,10 @@ class ContactsController extends Controller
|
|||
[$identifier]
|
||||
);
|
||||
|
||||
if ($postalInfoIntName) {
|
||||
$db->update(
|
||||
'contact_postalInfo',
|
||||
[
|
||||
'type' => 'int',
|
||||
'name' => $postalInfoIntName ?? null,
|
||||
'org' => $postalInfoIntOrg ?? null,
|
||||
'street1' => $postalInfoIntStreet1 ?? null,
|
||||
|
|
@ -1050,9 +1052,11 @@ class ContactsController extends Controller
|
|||
'disclose_addr_int' => $disclose_addr_int
|
||||
],
|
||||
[
|
||||
'contact_id' => $contact_id
|
||||
'contact_id' => $contact_id,
|
||||
'type' => 'int',
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
if ($postalInfoLocName) {
|
||||
$does_it_exist = $db->selectValue("SELECT id FROM contact_postalInfo WHERE contact_id = ? AND type = 'loc'", [$contact_id]);
|
||||
|
|
@ -1061,7 +1065,6 @@ class ContactsController extends Controller
|
|||
$db->update(
|
||||
'contact_postalInfo',
|
||||
[
|
||||
'type' => 'loc',
|
||||
'name' => $postalInfoLocName ?? null,
|
||||
'org' => $postalInfoLocOrg ?? null,
|
||||
'street1' => $postalInfoLocStreet1 ?? null,
|
||||
|
|
@ -1077,6 +1080,7 @@ class ContactsController extends Controller
|
|||
],
|
||||
[
|
||||
'contact_id' => $contact_id,
|
||||
'type' => 'loc',
|
||||
]
|
||||
);
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -526,3 +526,19 @@ function generateAuthInfo(): string {
|
|||
|
||||
return $retVal;
|
||||
}
|
||||
|
||||
function validateLocField($input, $minLength = 5, $maxLength = 255) {
|
||||
// Normalize input to NFC form
|
||||
$input = normalizer_normalize($input, Normalizer::FORM_C);
|
||||
|
||||
// Remove control characters to prevent hidden injections
|
||||
$input = preg_replace('/[\p{C}]/u', '', $input);
|
||||
|
||||
// Define a general regex pattern to match Unicode letters, numbers, punctuation, and spaces
|
||||
$locRegex = '/^[\p{L}\p{N}\p{P}\p{Zs}\-\/&.,]+$/u';
|
||||
|
||||
// Check length constraints and regex pattern
|
||||
return mb_strlen($input) >= $minLength &&
|
||||
mb_strlen($input) <= $maxLength &&
|
||||
preg_match($locRegex, $input);
|
||||
}
|
||||
|
|
@ -80,27 +80,39 @@
|
|||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% if contactPostal is not empty %}
|
||||
{% set intExists = false %}
|
||||
{% set locExists = false %}
|
||||
|
||||
{% for postal in contactPostal %}
|
||||
{% if not (intExists and locExists) %}
|
||||
{% if postal.type == 'int' %}
|
||||
{% set intExists = true %}
|
||||
{% elseif postal.type == 'loc' %}
|
||||
{% set locExists = true %}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
<div class="card mb-3">
|
||||
<div class="card-header">
|
||||
<ul class="nav nav-tabs card-header-tabs" data-bs-toggle="tabs">
|
||||
<li class="nav-item">
|
||||
<a href="#tabs-int" class="nav-link active" data-bs-toggle="tab">{{ __('International') }}</a>
|
||||
<a href="#tabs-int" class="nav-link{% if intExists or (not intExists and not locExists) %} active{% endif %}" data-bs-toggle="tab">{{ __('Internationalized') }}</a>
|
||||
</li>
|
||||
<li class="nav-item">
|
||||
<a href="#tabs-loc" class="nav-link" data-bs-toggle="tab">{{ __('Localized') }}</a>
|
||||
<a href="#tabs-loc" class="nav-link{% if not intExists and locExists %} active{% endif %}" data-bs-toggle="tab">{{ __('Localized') }}</a>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
<div class="tab-content">
|
||||
{% if contactPostal is not empty %}
|
||||
{% set intExists = false %}
|
||||
{% set locExists = false %}
|
||||
{% if intExists %}
|
||||
{% for postal in contactPostal %}
|
||||
{% if postal.type == 'int' %}
|
||||
{% set intExists = true %}
|
||||
<div class="tab-pane active show" id="tabs-int">
|
||||
<h4>{{ __('International Contact Details') }}</h4>
|
||||
<div class="tab-pane {% if intExists or (not intExists and not locExists) %} show active{% endif %}" id="tabs-int">
|
||||
<h4>{{ __('Internationalized Contact Details') }}</h4>
|
||||
<div class="datagrid">
|
||||
<div class="datagrid-item">
|
||||
<div class="datagrid-title">{{ __('Name') }}</div>
|
||||
|
|
@ -174,15 +186,19 @@
|
|||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% elseif postal.type == 'loc' %}
|
||||
{% set locExists = true %}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
{% else %}
|
||||
<div class="tab-pane {% if intExists or (not intExists and not locExists) %} show active{% endif %}" id="tabs-int">
|
||||
<h4>{{ __('Internationalized Contact Details') }}</h4>
|
||||
<div>{{ __('No Internationalized Contact Information Available') }}</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
{% if locExists %}
|
||||
{% for postal in contactPostal %}
|
||||
{% if postal.type == 'loc' %}
|
||||
<div class="tab-pane" id="tabs-loc">
|
||||
<div class="tab-pane{% if not intExists and locExists %} show active{% endif %}" id="tabs-loc">
|
||||
<h4>{{ __('Localized Contact Details') }}</h4>
|
||||
<div class="datagrid">
|
||||
<div class="datagrid-item">
|
||||
|
|
@ -260,7 +276,7 @@
|
|||
{% endif %}
|
||||
{% endfor %}
|
||||
{% else %}
|
||||
<div class="tab-pane" id="tabs-loc">
|
||||
<div class="tab-pane{% if not intExists and locExists %} show active{% endif %}" id="tabs-loc">
|
||||
<h4>{{ __('Localized Contact Details') }}</h4>
|
||||
<div>{{ __('No Localized Contact Information Available') }}</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -152,53 +152,53 @@ function processContactCreate($conn, $db, $xml, $clid, $database_type, $trans) {
|
|||
return;
|
||||
}
|
||||
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocName) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocName)) {
|
||||
if (!validateLocField($postalInfoLocName, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:name', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
|
||||
if ($postalInfoLocOrg) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocOrg) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocOrg)) {
|
||||
if (!validateLocField($postalInfoLocOrg, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:org', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocStreet1) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocStreet1) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocStreet1)) {
|
||||
if (!validateLocField($postalInfoLocStreet1, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:street', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocStreet2) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocStreet2) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocStreet2)) {
|
||||
if (!validateLocField($postalInfoLocStreet2, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:street', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocStreet3) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocStreet3) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocStreet3)) {
|
||||
if (!validateLocField($postalInfoLocStreet3, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:street', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if (preg_match('/(^\-)|(^\.)|(\-\-)|(\.\.)|(\.\-)|(\-\.)|(\-$)|(\.$)/', $postalInfoLocCity) || !preg_match('/^[a-z][a-z\-\.\s]{3,}$/i', $postalInfoLocCity)) {
|
||||
if (!validateLocField($postalInfoLocCity, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:city', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
|
||||
if ($postalInfoLocSp) {
|
||||
if (preg_match('/(^\-)|(^\.)|(\-\-)|(\.\.)|(\.\-)|(\-\.)|(\-$)|(\.$)/', $postalInfoLocSp) || !preg_match('/^[A-Z][a-zA-Z\-\.\s]{1,}$/', $postalInfoLocSp)) {
|
||||
if (!validateLocField($postalInfoLocSp, 2)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:sp', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocPc) {
|
||||
if (preg_match('/(^\-)|(\-\-)|(\-$)/', $postalInfoLocPc) || !preg_match('/^[A-Z0-9\-\s]{3,}$/', $postalInfoLocPc)) {
|
||||
if (!validateLocField($postalInfoLocPc, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:pc', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -237,53 +237,53 @@ function processContactUpdate($conn, $db, $xml, $clid, $database_type, $trans) {
|
|||
return;
|
||||
}
|
||||
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocName) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocName)) {
|
||||
if (!validateLocField($postalInfoLocName, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:name', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
|
||||
if ($postalInfoLocOrg) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocOrg) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocOrg)) {
|
||||
if (!validateLocField($postalInfoLocOrg, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:org', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocStreet1) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocStreet1) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocStreet1)) {
|
||||
if (!validateLocField($postalInfoLocStreet1, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:street', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocStreet2) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocStreet2) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocStreet2)) {
|
||||
if (!validateLocField($postalInfoLocStreet2, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:street', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocStreet3) {
|
||||
if (preg_match('/(^\-)|(^\,)|(^\.)|(\-\-)|(\,\,)|(\.\.)|(\-$)/', $postalInfoLocStreet3) || !preg_match('/^[a-zA-Z0-9\-\&\,\.\/\s]{5,}$/', $postalInfoLocStreet3)) {
|
||||
if (!validateLocField($postalInfoLocStreet3, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:street', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if (preg_match('/(^\-)|(^\.)|(\-\-)|(\.\.)|(\.\-)|(\-\.)|(\-$)|(\.$)/', $postalInfoLocCity) || !preg_match('/^[a-z][a-z\-\.\s]{3,}$/i', $postalInfoLocCity)) {
|
||||
if (!validateLocField($postalInfoLocCity, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:city', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
|
||||
if ($postalInfoLocSp) {
|
||||
if (preg_match('/(^\-)|(^\.)|(\-\-)|(\.\.)|(\.\-)|(\-\.)|(\-$)|(\.$)/', $postalInfoLocSp) || !preg_match('/^[A-Z][a-zA-Z\-\.\s]{1,}$/', $postalInfoLocSp)) {
|
||||
if (!validateLocField($postalInfoLocSp, 2)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:sp', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if ($postalInfoLocPc) {
|
||||
if (preg_match('/(^\-)|(\-\-)|(\-$)/', $postalInfoLocPc) || !preg_match('/^[A-Z0-9\-\s]{3,}$/', $postalInfoLocPc)) {
|
||||
if (!validateLocField($postalInfoLocPc, 3)) {
|
||||
sendEppError($conn, $db, 2005, 'Invalid contact:pc', $clTRID, $trans);
|
||||
return;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -667,3 +667,19 @@ function expandIPv6($ip) {
|
|||
|
||||
return implode(':', $expanded);
|
||||
}
|
||||
|
||||
function validateLocField($input, $minLength = 5, $maxLength = 255) {
|
||||
// Normalize input to NFC form
|
||||
$input = normalizer_normalize($input, Normalizer::FORM_C);
|
||||
|
||||
// Remove control characters to prevent hidden injections
|
||||
$input = preg_replace('/[\p{C}]/u', '', $input);
|
||||
|
||||
// Define a general regex pattern to match Unicode letters, numbers, punctuation, and spaces
|
||||
$locRegex = '/^[\p{L}\p{N}\p{P}\p{Zs}\-\/&.,]+$/u';
|
||||
|
||||
// Check length constraints and regex pattern
|
||||
return mb_strlen($input) >= $minLength &&
|
||||
mb_strlen($input) <= $maxLength &&
|
||||
preg_match($locRegex, $input);
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue