From: Tim Otten Date: Thu, 21 Jun 2018 00:51:55 +0000 (-0700) Subject: (dev/core#174) Implement CRM_Utils_Cache::assertValidKey X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=cdee59f7a2282ae2eb07ebb9c03ab895813f283f;p=civicrm-core.git (dev/core#174) Implement CRM_Utils_Cache::assertValidKey --- diff --git a/CRM/Utils/Cache.php b/CRM/Utils/Cache.php index 13aeec68ee..171e4d5437 100644 --- a/CRM/Utils/Cache.php +++ b/CRM/Utils/Cache.php @@ -214,4 +214,30 @@ class CRM_Utils_Cache { throw new CRM_Core_Exception("Failed to instantiate cache. No supported cache type found. " . print_r($params, 1)); } + /** + * Assert that a key is well-formed. + * + * @param string $key + * @return string + * Same $key, if it's valid. + * @throws \CRM_Utils_Cache_InvalidArgumentException + */ + public static function assertValidKey($key) { + $strict = CRM_Utils_Constant::value('CIVICRM_PSR16_STRICT', FALSE) || defined('CIVICRM_TEST'); + + if (!is_string($key)) { + throw new CRM_Utils_Cache_InvalidArgumentException("Invalid cache key: Not a string"); + } + + if ($strict && !preg_match(';^[A-Za-z0-9_\-\. ]+$;', $key)) { + throw new CRM_Utils_Cache_InvalidArgumentException("Invalid cache key: Illegal characters"); + } + + if ($strict && strlen($key) > 255) { + throw new CRM_Utils_Cache_InvalidArgumentException("Invalid cache key: Too long"); + } + + return $key; + } + } diff --git a/templates/CRM/common/civicrm.settings.php.template b/templates/CRM/common/civicrm.settings.php.template index ae4d6e269f..2895fed38c 100644 --- a/templates/CRM/common/civicrm.settings.php.template +++ b/templates/CRM/common/civicrm.settings.php.template @@ -399,6 +399,14 @@ if (!defined('CIVICRM_DB_CACHE_PREFIX')) { define('CIVICRM_DB_CACHE_PREFIX', ''); } +/** + * The cache system traditionally allowed a wide range of cache-keys, but some + * cache-keys are prohibited by PSR-16. + */ +if (!defined('CIVICRM_PSR16_STRICT')) { + define('CIVICRM_PSR16_STRICT', FALSE); +} + /** * If you have multilingual site and you are using the "inherit CMS language" * configuration option, but wish to, for example, use fr_CA instead of the