CRM-20906 backport for 4.6
authorMark Hanna <mark@skvare.com>
Sat, 21 Oct 2017 21:55:32 +0000 (16:55 -0500)
committerMark Hanna <mark@skvare.com>
Sat, 21 Oct 2017 21:55:32 +0000 (16:55 -0500)
CRM/Admin/Form/Extensions.php
CRM/Utils/Rule.php
CRM/Utils/Type.php
tests/phpunit/CRM/Utils/RuleTest.php

index fcd7f1ce3c649247fd98023296800c7a51e38660..927db31af47a212607e8306a5c4c5ce886c0fc8d 100644 (file)
@@ -51,6 +51,10 @@ class CRM_Admin_Form_Extensions extends CRM_Admin_Form {
       $this, FALSE, 0
     );
 
+    if (!CRM_Utils_Type::validate($this->_key, 'ExtensionKey')) {
+      throw new CRM_Core_Exception('Extension Key does not match expected standard');
+    }
+
     $session = CRM_Core_Session::singleton();
     $url = CRM_Utils_System::url('civicrm/admin/extensions', 'reset=1&action=browse');
     $session->pushUserContext($url);
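Review bot: An empty key takes the throw branch in the new guard even though the rule accepts it. `checkExtensionKeyIsValid()` returns TRUE for an empty value, the `ExtensionKey` case in the CRM/Utils/Type.php hunk then returns `$data` itself, and `!` on that falsy value is true. The retrieve call just above appears to default the key to `0` (the `$this, FALSE, 0` arguments), so opening the form without a key would presumably raise the exception. Check presence first: `if (!empty($this->_key) && !CRM_Utils_Type::validate($this->_key, 'ExtensionKey')) {`. The enclosing method starts and ends outside the hunk, and whether `validate()` aborts by itself on a rejected key is not visible here.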
index aff62b8ac6cc85039a754b58f60fbe5ffda63f94..0c3aea4465008f7550a80af86dfdbe3d6cd36fb2 100644 (file)
@@ -857,4 +857,16 @@ class CRM_Utils_Rule {
     return ($key) ? CRM_Core_Key::valid($key) : FALSE;
   }
 
+  /**
+   * @param string $key Extension Key to check
+   * @return bool
+   */
+  public static function checkExtensionKeyIsValid($key = NULL) {
+
+    if (!empty($key) && !preg_match('/^[0-9a-zA-Z._-]+$/', $key)) {
+      return FALSE;
+    }
+    return TRUE;
+  }
+
 }
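Review bot: The pattern in `checkExtensionKeyIsValid()` is anchored with `$`, which in PCRE also matches just before a trailing newline, so a key ending in a line feed passes the check. Anchor with `\z` (or add the `D` modifier) instead: `preg_match('/^[0-9a-zA-Z._-]+\z/', $key)`. The docblock should also state that an empty or NULL key is reported as valid, so callers that require a key know to check presence themselves.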
index 038d49713e6b7b9c07a3a213f5042adf8c1fb5ac..b2f87ffbe1e2bbc991822e093baab1317ec0a2b3 100644 (file)
@@ -417,6 +417,12 @@ class CRM_Utils_Type {
         }
         break;
 
+      case 'ExtensionKey':
+        if (CRM_Utils_Rule::checkExtensionKeyIsValid($data)) {
+          return $data;
+        }
+        break;
+
       default:
         CRM_Core_Error::fatal("Cannot recognize $type for $data");
         break;
index d3be0ee46c0af070f5807283179ee2b84b7c4c54..168efeb10185f790a6fe2647e2e6ad58bf6d5ab6 100644 (file)
@@ -80,4 +80,24 @@ class CRM_Utils_RuleTest extends CiviUnitTestCase {
     );
   }
 
+  /**
+   * @return array
+   */
+  public function extensionKeyTests() {
+    $keys = array();
+    $keys[] = array('org.civicrm.multisite', TRUE);
+    $keys[] = array('au.org.contribute2016', TRUE);
+    $keys[] = array('%3Csvg%20onload=alert(0)%3E', FALSE);
+    return $keys;
+  }
+
+  /**
+   * @param $key
+   * @param $expectedResult
+   * @dataProvider extensionKeyTests
+   */
+  public function testExtensionKeyValid($key, $expectedResult) {
+    $this->assertEquals($expectedResult, CRM_Utils_Rule::checkExtensionKeyIsValid($key));
+  }
+
 }
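Review bot: The data provider `extensionKeyTests()` holds only two valid keys and one percent-encoded string, so the boundaries of the rule are not pinned. Add an empty key (`array('', TRUE)` as the rule is written), a key with a trailing newline (`array("org.civicrm.multisite\n", FALSE)`, which the current `$`-anchored pattern would fail), and a key containing whitespace or a path separator. `assertSame` would be stricter than `assertEquals` here, because the rule is documented as returning a bool.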