/**
 * Validates the uploaded option-import file and reads its name/value pairs
 * into $this->options.
 *
 * @see wcf\form\IForm::validate()
 */
public function validate()
{
    parent::validate();

    // A missing upload (PHP upload error code 4, UPLOAD_ERR_NO_FILE) is reported as an empty field.
    if (!$this->optionImport || $this->optionImport['error'] == 4) {
        throw new UserInputException('optionImport');
    }

    // Any other non-zero upload error code means the transfer itself failed.
    if ($this->optionImport['error'] != 0) {
        throw new UserInputException('optionImport', 'uploadFailed');
    }

    try {
        // NOTE(review): the uploaded file is handed to the XML wrapper as-is; whether that
        // wrapper disables external entity loading is not visible here - confirm.
        $xml = new XML($this->optionImport['tmp_name']);
        $tree = $xml->getElementTree('options');

        foreach ($tree['children'] as $optionNode) {
            $name = '';
            $value = '';

            foreach ($optionNode['children'] as $field) {
                if ($field['name'] == 'name') {
                    $name = $field['cdata'];
                } elseif ($field['name'] == 'value') {
                    $value = $field['cdata'];
                }
            }

            // Entries without a name are skipped. The name is taken from the file unchanged;
            // NOTE(review): no check against the set of known options happens in this method.
            if (!empty($name)) {
                $this->options[$name] = $value;
            }
        }
    } catch (SystemException $e) {
        // Parser failures are reported as a generic import error on the upload field.
        throw new UserInputException('optionImport', 'importFailed');
    }
}
/**
 * Validates the package update server URL entered in the form.
 *
 * Throws UserInputException on 'serverURL' when the field is empty, and with
 * type 'notValid' when PackageUpdateServer::isValidServerURL() rejects it.
 *
 * @see wcf\form\IForm::validate()
 */
public function validate()
{
    parent::validate();

    // Presence is checked first so an empty field gets the plain "required" error.
    if (empty($this->serverURL)) {
        throw new UserInputException('serverURL');
    }

    // The format decision is delegated entirely to PackageUpdateServer.
    $isValid = PackageUpdateServer::isValidServerURL($this->serverURL);
    if (!$isValid) {
        throw new UserInputException('serverURL', 'notValid');
    }
}
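/**
 * Checks the submitted master password against the configured hash.
 *
 * Throws UserInputException on 'masterPassword' when the field is empty, and
 * with type 'invalid' when the salted hash of the input does not match
 * MASTER_PASSWORD.
 *
 * @see wcf\form\IForm::validate()
 */
public function validate()
{
    parent::validate();

    if (empty($this->masterPassword)) {
        throw new UserInputException('masterPassword');
    }

    // check password
    // Both digests are compared as strings. A loose != converts numeric-looking strings
    // (for example digests of the form 0e<digits>) to numbers, so two different hashes
    // could be reported as equal.
    $expectedHash = (string) MASTER_PASSWORD;
    $submittedHash = (string) StringUtil::getSaltedHash($this->masterPassword, MASTER_PASSWORD_SALT);

    if (function_exists('hash_equals')) {
        // Constant-time comparison where the runtime provides it (PHP >= 5.6).
        $matches = hash_equals($expectedHash, $submittedHash);
    } else {
        // Fallback for older runtimes: strict, but not constant-time.
        $matches = ($expectedHash === $submittedHash);
    }

    // NOTE(review): no limit on failed attempts is visible in this method - confirm it is
    // enforced elsewhere.
    if (!$matches) {
        throw new UserInputException('masterPassword', 'invalid');
    }
}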
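/**
 * Validates a new master password and its confirmation.
 *
 * The password must be at least 8 characters long, contain a digit, a
 * lower-case and an upper-case latin letter and a special character, differ
 * from the current user's username, and not match the stored password of any
 * user in group 4. Every policy failure throws UserInputException on
 * 'masterPassword' with type 'notSecure'.
 *
 * @see wcf\form\IForm::validate()
 */
public function validate()
{
    // Calls ACPForm::validate() by name rather than parent::validate().
    // NOTE(review): presumably this skips a check done by the direct parent - confirm.
    ACPForm::validate();

    if (empty($this->masterPassword)) {
        throw new UserInputException('masterPassword');
    }

    // check password security
    if (StringUtil::length($this->masterPassword) < 8) {
        throw new UserInputException('masterPassword', 'notSecure');
    }

    // Required character classes, in order: digits, latin lower-case, latin upper-case,
    // special characters.
    $requiredPatterns = array('\\d', '[a-z]', '[A-Z]', '[^0-9a-zA-Z]');
    foreach ($requiredPatterns as $pattern) {
        if (!Regex::compile($pattern)->match($this->masterPassword)) {
            throw new UserInputException('masterPassword', 'notSecure');
        }
    }

    // password equals username
    // Strict string comparison, so the result never depends on PHP's numeric-string rules.
    if ((string) $this->masterPassword === (string) WCF::getUser()->username) {
        throw new UserInputException('masterPassword', 'notSecure');
    }

    // search for identical admin passwords
    // NOTE(review): group 4 is hard-coded; presumably the administrator group - confirm.
    $sql = "SELECT\tpassword, salt\n\t\t\tFROM\twcf" . WCF_N . "_user\n\t\t\tWHERE\tuserID IN (\n\t\t\t\t\tSELECT\tuserID\n\t\t\t\t\tFROM\twcf" . WCF_N . "_user_to_group\n\t\t\t\t\tWHERE\tgroupID = 4\n\t\t\t\t)";
    $statement = WCF::getDB()->prepareStatement($sql);
    $statement->execute();
    while ($row = $statement->fetchArray()) {
        // Digests are compared as strings: with a loose == two different numeric-looking
        // hashes (for example 0e<digits>) would count as equal and reject a password that
        // is not actually reused.
        $candidateHash = (string) StringUtil::getDoubleSaltedHash($this->masterPassword, $row['salt']);
        if ($candidateHash === (string) $row['password']) {
            throw new UserInputException('masterPassword', 'notSecure');
        }
    }

    // confirm master password
    if (empty($this->confirmMasterPassword)) {
        throw new UserInputException('confirmMasterPassword');
    }

    // Strict comparison, so the confirmation does not rely on the composition rules above
    // to rule out numeric-looking input.
    if ((string) $this->confirmMasterPassword !== (string) $this->masterPassword) {
        throw new UserInputException('confirmMasterPassword', 'notEqual');
    }
}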
/**
 * Validates the user selection and the requested user groups.
 *
 * Throws IllegalLinkException when no user IDs are present,
 * UserInputException on 'groupIDs' for a group that cannot be loaded, and
 * PermissionDeniedException for a group the acting user may not access.
 *
 * @see wcf\form\IForm::validate()
 */
public function validate()
{
    parent::validate();

    // Only presence of user IDs is checked in this method.
    if (empty($this->userIDs)) {
        throw new IllegalLinkException();
    }

    // groups
    foreach ($this->groupIDs as $requestedGroupID) {
        $userGroup = new UserGroup($requestedGroupID);

        // A falsy groupID on the loaded object is treated as "group does not exist".
        if (!$userGroup->groupID) {
            throw new UserInputException('groupIDs');
        }

        // Authorization check: every submitted group must be accessible.
        if (!$userGroup->isAccessible()) {
            throw new PermissionDeniedException();
        }
    }
}
/**
 * Validates the selected package updates and builds the installation stack.
 *
 * Throws UserInputException on 'updates' when nothing was selected or when
 * building the stack raises a SystemException, and on 'excludedPackages'
 * when the stack reports excluded packages.
 *
 * @see wcf\form\IForm::validate()
 */
public function validate()
{
    parent::validate();

    if (!count($this->updates)) {
        throw new UserInputException('updates');
    }

    // build update stack
    // The third argument reflects whether the request carried a 'send' POST field.
    $wasSent = isset($_POST['send']);
    $this->packageUpdate = PackageUpdateDispatcher::prepareInstallation($this->updates, array(), $wasSent);

    try {
        $this->packageUpdate->buildPackageInstallationStack();
        $this->excludedPackages = $this->packageUpdate->getExcludedPackages();

        $excludedCount = count($this->excludedPackages);
        if ($excludedCount) {
            throw new UserInputException('excludedPackages');
        }
    } catch (SystemException $failure) {
        // show detailed error message
        // The caught exception object itself is passed on as the error type.
        // NOTE(review): confirm the rendered message does not expose internal details.
        throw new UserInputException('updates', $failure);
    }
}
/**
 * Validates recipients and the required mail fields.
 *
 * For action 'group' at least one group ID is required; for an empty action
 * at least one user ID is required. Subject, text and sender must be
 * non-empty.
 *
 * @see wcf\form\IForm::validate()
 */
public function validate()
{
    parent::validate();

    // Recipient checks depend on the requested action.
    if ($this->action == 'group' && !count($this->groupIDs)) {
        throw new UserInputException('groupIDs');
    }

    if ($this->action == '' && empty($this->userIDs)) {
        throw new IllegalLinkException();
    }

    // Required text fields, checked in the same order as the form reports them.
    foreach (array('subject', 'text', 'from') as $requiredField) {
        if (empty($this->$requiredField)) {
            throw new UserInputException($requiredField);
        }
    }
}
/**
 * Validates the cronjob class name and its schedule fields.
 *
 * Throws UserInputException on 'className' when the name is empty or the
 * class does not exist, and on the offending schedule field (type
 * 'notValid') when CronjobUtil::validate() rejects the schedule.
 *
 * @see wcf\form\IForm::validate()
 */
public function validate()
{
    parent::validate();

    // validate class name
    if (empty($this->className)) {
        throw new UserInputException('className');
    }

    // class_exists() autoloads by default, so the submitted name is passed to the autoloader.
    // NOTE(review): this method only checks existence, not that the class is a cronjob
    // implementation - confirm that is enforced elsewhere.
    $classIsKnown = class_exists($this->className);
    if (!$classIsKnown) {
        throw new UserInputException('className', 'doesNotExist');
    }

    try {
        CronjobUtil::validate(
            $this->startMinute,
            $this->startHour,
            $this->startDom,
            $this->startMonth,
            $this->startDow
        );
    } catch (SystemException $scheduleError) {
        // extract field name
        // The field name is recovered from the exception message; it stays empty when the
        // message does not have the expected form.
        $fieldName = preg_match("/cronjob attribute '(.*)'/", $scheduleError->getMessage(), $match)
            ? $match[1]
            : '';

        throw new UserInputException($fieldName, 'notValid');
    }
}
/**
 * Validates the package source: an uploaded archive takes precedence over a
 * download location; with neither present the upload field is reported as
 * missing.
 *
 * @see wcf\form\IForm::validate()
 */
public function validate()
{
    parent::validate();

    // An upload with a file name wins over any download value.
    if (!empty($this->uploadPackage['name'])) {
        $this->validateUploadPackage();
        return;
    }

    if (!empty($this->downloadPackage)) {
        $this->validateDownloadPackage();
        return;
    }

    // Neither source was supplied.
    throw new UserInputException('uploadPackage');
}
/**
 * Runs the package search and stores the matching package update IDs.
 *
 * Refreshes the package database, builds the search conditions from the form
 * fields, queries the matching package updates and, for packages that occur
 * more than once, keeps one update per package. The result is written to
 * $this->packageUpdateIDs as a comma-separated string. Throws
 * UserInputException on 'packageName' when nothing matches.
 *
 * @see wcf\form\IForm::validate()
 */
public function validate()
{
    parent::validate();

    // refresh package database
    PackageUpdateDispatcher::refreshPackageDatabase($this->packageUpdateServerIDs);

    // build conditions
    $conditions = new PreparedStatementConditionBuilder();

    // update servers
    if (count($this->packageUpdateServerIDs)) {
        $conditions->add("packageUpdateServerID IN (?)", array($this->packageUpdateServerIDs));
    }

    // name
    // The search term is bound as a parameter. '%' and '_' inside it are not escaped, so
    // they act as LIKE wildcards.
    if (!empty($this->packageName)) {
        $nameCondition = "packageName LIKE ?";
        $nameParameters = array('%' . $this->packageName . '%');
        if ($this->searchDescription) {
            $nameCondition .= " OR packageDescription LIKE ?";
            $nameParameters[] = '%' . $this->packageName . '%';
        }

        $conditions->add('(' . $nameCondition . ')', $nameParameters);
    }

    // author
    // The author value is bound without surrounding wildcards.
    if (!empty($this->author)) {
        $conditions->add("author LIKE ?", array($this->author));
    }

    // ignore already installed uniques
    if ($this->ignoreUniques == 1) {
        $conditions->add("package NOT IN (SELECT package FROM wcf" . WCF_N . "_package WHERE isUnique = 1)");
    }

    // package type
    // A type filter is only added when at least one type is selected and at least one is not.
    $someTypeDeselected = ($this->plugin == 0 || $this->isApplication == 0 || $this->other == 0);
    $someTypeSelected = ($this->plugin == 1 || $this->isApplication == 1 || $this->other == 1);
    if ($someTypeDeselected && $someTypeSelected) {
        if ($this->isApplication == 1) {
            $typeCondition = 'isApplication = 1';
            if ($this->plugin == 1) {
                $typeCondition .= " OR plugin IN (SELECT package FROM wcf" . WCF_N . "_package)";
            } elseif ($this->other == 1) {
                $typeCondition .= " OR plugin = ''";
            }

            $conditions->add('(' . $typeCondition . ')');
        } elseif ($this->plugin == 1) {
            $typeCondition = "plugin IN (SELECT package FROM wcf" . WCF_N . "_package)";
            if ($this->other == 1) {
                $typeCondition .= " OR isApplication = 0";
            }

            $conditions->add('(' . $typeCondition . ')');
        } elseif ($this->other) {
            $conditions->add("(isApplication = 0 AND plugin = '')");
        }
    }

    // search package database
    $packages = array();
    $packageUpdateIDs = array();
    $sql = "SELECT\tpackage, packageUpdateID\n\t\t\tFROM\twcf" . WCF_N . "_package_update\n\t\t\t" . $conditions;
    // NOTE(review): the second argument (1000) is presumably a row limit - confirm.
    $statement = WCF::getDB()->prepareStatement($sql, 1000);
    $statement->execute($conditions->getParameters());
    while ($row = $statement->fetchArray()) {
        $packageUpdateIDs[] = $row['packageUpdateID'];

        if (!isset($packages[$row['package']])) {
            $packages[$row['package']] = array();
        }

        $packages[$row['package']][$row['packageUpdateID']] = array();
    }

    if (empty($packageUpdateIDs)) {
        throw new UserInputException('packageName');
    }

    // remove duplicates
    // One '?' placeholder per found update ID; the IDs themselves are bound as parameters.
    $placeholders = implode(',', array_fill(0, count($packageUpdateIDs), '?'));
    $statementParameters = $packageUpdateIDs;

    $sql = "SELECT\t\tpuv.packageVersion, pu.package, pu.packageUpdateID\n\t\t\tFROM\t\twcf" . WCF_N . "_package_update_version puv\n\t\t\tLEFT JOIN\twcf" . WCF_N . "_package_update pu\n\t\t\tON\t\t(pu.packageUpdateID = puv.packageUpdateID)\n\t\t\tWHERE\t\tpuv.packageUpdateID IN (" . $placeholders . ")";
    $statement = WCF::getDB()->prepareStatement($sql);
    $statement->execute($statementParameters);
    while ($row = $statement->fetchArray()) {
        $packages[$row['package']][$row['packageUpdateID']][] = $row['packageVersion'];
    }

    $versionComparator = array('wcf\\data\\package\\Package', 'compareVersion');
    foreach ($packages as $packageUpdates) {
        if (count($packageUpdates) > 1) {
            // Reduce every update to the last version after sorting, then order the updates
            // of this package by that version.
            foreach ($packageUpdates as $packageUpdateID => $versions) {
                usort($versions, $versionComparator);
                $packageUpdates[$packageUpdateID] = array_pop($versions);
            }

            uasort($packageUpdates, $versionComparator);
        }

        // The last key after sorting is the update that is kept for this package.
        $keys = array_keys($packageUpdates);
        if (!empty($this->packageUpdateIDs)) {
            $this->packageUpdateIDs .= ',';
        }

        $this->packageUpdateIDs .= array_pop($keys);
    }
}