FestinHegre/vendor/symfony/validator/Constraints/NoSuspiciousCharacters.php

119 lines
5.5 KiB
PHP
Raw Normal View History

2024-09-26 17:26:04 +02:00
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Validator\Constraints;
use Symfony\Component\Validator\Constraint;
use Symfony\Component\Validator\Exception\LogicException;
/**
* Validates that the given string does not contain characters used in spoofing security attacks.
*
* @see https://www.php.net/manual/en/class.spoofchecker.php
*
* @author Mathieu Lechat <mathieu.lechat@les-tilleuls.coop>
*/
#[\Attribute(\Attribute::TARGET_PROPERTY | \Attribute::TARGET_METHOD | \Attribute::IS_REPEATABLE)]
class NoSuspiciousCharacters extends Constraint
{
public const RESTRICTION_LEVEL_ERROR = '1ece07dc-dca2-45f1-ba47-8d7dc3a12774';
public const INVISIBLE_ERROR = '6ed60e6c-179b-4e93-8a6c-667d85c6de5e';
public const MIXED_NUMBERS_ERROR = '9f01fc26-3bc4-44b1-a6b1-c08e2412053a';
public const HIDDEN_OVERLAY_ERROR = '56380dc5-0476-4f04-bbaa-b68cd1c2d974';
protected const ERROR_NAMES = [
self::RESTRICTION_LEVEL_ERROR => 'RESTRICTION_LEVEL_ERROR',
self::INVISIBLE_ERROR => 'INVISIBLE_ERROR',
self::MIXED_NUMBERS_ERROR => 'MIXED_NUMBERS_ERROR',
self::HIDDEN_OVERLAY_ERROR => 'INVALID_CASE_ERROR',
];
/**
* Check a string for the presence of invisible characters such as zero-width spaces,
* or character sequences that are likely not to display such as multiple occurrences of the same non-spacing mark.
*/
public const CHECK_INVISIBLE = 32;
/**
* Check that a string does not mix numbers from different numbering systems;
* for example “8” (Digit Eight) and “৪” (Bengali Digit Four).
*/
public const CHECK_MIXED_NUMBERS = 128;
/**
* Check that a string does not have a combining character following a character in which it would be hidden;
* for example “i” (Latin Small Letter I) followed by a U+0307 (Combining Dot Above).
*/
public const CHECK_HIDDEN_OVERLAY = 256;
/** @see https://unicode.org/reports/tr39/#ascii_only */
public const RESTRICTION_LEVEL_ASCII = 268435456;
/** @see https://unicode.org/reports/tr39/#single_script */
public const RESTRICTION_LEVEL_SINGLE_SCRIPT = 536870912;
/** @see https://unicode.org/reports/tr39/#highly_restrictive */
public const RESTRICTION_LEVEL_HIGH = 805306368;
/** @see https://unicode.org/reports/tr39/#moderately_restrictive */
public const RESTRICTION_LEVEL_MODERATE = 1073741824;
/** @see https://unicode.org/reports/tr39/#minimally_restrictive */
public const RESTRICTION_LEVEL_MINIMAL = 1342177280;
/** @see https://unicode.org/reports/tr39/#unrestricted */
public const RESTRICTION_LEVEL_NONE = 1610612736;
public string $restrictionLevelMessage = 'This value contains characters that are not allowed by the current restriction-level.';
public string $invisibleMessage = 'Using invisible characters is not allowed.';
public string $mixedNumbersMessage = 'Mixing numbers from different scripts is not allowed.';
public string $hiddenOverlayMessage = 'Using hidden overlay characters is not allowed.';
public int $checks = self::CHECK_INVISIBLE | self::CHECK_MIXED_NUMBERS | self::CHECK_HIDDEN_OVERLAY;
public ?int $restrictionLevel = null;
public ?array $locales = null;
/**
* @param array<string,mixed>|null $options
* @param int-mask-of<self::CHECK_*>|null $checks A bitmask of the checks to perform on the string (defaults to all checks)
* @param int-mask-of<self::RESTRICTION_LEVEL_*>|null $restrictionLevel Configures the set of acceptable characters for the validated string through a specified "level" (defaults to
* {@see NoSuspiciousCharacters::RESTRICTION_LEVEL_MODERATE} on ICU >= 58, {@see NoSuspiciousCharacters::RESTRICTION_LEVEL_SINGLE_SCRIPT} otherwise)
* @param string[]|null $locales Restrict the string's characters to those normally used with these locales. Pass null to use the default locales configured for the NoSuspiciousCharactersValidator. (defaults to null)
* @param string[]|null $groups
*/
public function __construct(
?array $options = null,
?string $restrictionLevelMessage = null,
?string $invisibleMessage = null,
?string $mixedNumbersMessage = null,
?string $hiddenOverlayMessage = null,
?int $checks = null,
?int $restrictionLevel = null,
?array $locales = null,
?array $groups = null,
mixed $payload = null,
) {
if (!class_exists(\Spoofchecker::class)) {
throw new LogicException('The intl extension is required to use the NoSuspiciousCharacters constraint.');
}
parent::__construct($options, $groups, $payload);
$this->restrictionLevelMessage = $restrictionLevelMessage ?? $this->restrictionLevelMessage;
$this->invisibleMessage = $invisibleMessage ?? $this->invisibleMessage;
$this->mixedNumbersMessage = $mixedNumbersMessage ?? $this->mixedNumbersMessage;
$this->hiddenOverlayMessage = $hiddenOverlayMessage ?? $this->hiddenOverlayMessage;
$this->checks = $checks ?? $this->checks;
$this->restrictionLevel = $restrictionLevel ?? $this->restrictionLevel;
$this->locales = $locales ?? $this->locales;
}
}