/** * A utility function to test if the supplied url path is valid for the supplied content id * * @param string The partial url path to test * @return boolean */ public static function is_valid_url($url, $content_id = '') { // check for starting or ending slashes if (startswith($url, '/') || endswith($url, '/')) { return FALSE; } // first check for invalid chars. $translated = munge_string_to_url($url, false, true); if (strtolower($translated) != strtolower($url)) { return FALSE; } cms_route_manager::load_routes(); $route = cms_route_manager::find_match($url); if (!$route) { return TRUE; } if ($route->is_content()) { if ($content_id == '' || $route->get_content() == $content_id) { return TRUE; } } return FALSE; }
/** * A utility function to test if the supplied url path is valid for the supplied content id * * @param string The partial url path to test * @return boolean */ public static function is_valid_url($url, $content_id = '') { // check for starting or ending slashes if (startswith($url, '/') || endswith($url, '/')) { return FALSE; } // first check for invalid chars. // strip off any extension (that is like 5 chars or less) $pos = strrpos($url, '.'); if ($pos !== FALSE) { // have an extension. $ext = substr($url, $pos + 1); if (strlen($ext) >= 5 || munge_string_to_url($ext, false, true) != strtolower($ext)) { return FALSE; } $tmp = substr($url, 0, $pos); if (munge_string_to_url($tmp, false, true) != strtolower($tmp)) { return FALSE; } } else { $translated = munge_string_to_url($url, false, true); if (strtolower($translated) != strtolower($url)) { return FALSE; } } cms_route_manager::load_routes(); $route = cms_route_manager::find_match($url, TRUE); if (!$route) { return TRUE; } if ($route->is_content()) { if ($content_id == '' || $route->get_content() == $content_id) { return TRUE; } } return FALSE; }
if (empty($error) && $news_url != '') { // check for starting or ending slashes if (startswith($news_url, '/') || endswith($news_url, '/')) { $error = $this->ShowErrors($this->Lang('error_invalidurl')); } if ($error === FALSE) { // check for invalid chars. $translated = munge_string_to_url($news_url, false, true); if (strtolower($translated) != strtolower($news_url)) { $error = $this->ShowErrors($this->Lang('error_invalidurl')); } } if ($error === FALSE) { // make sure this url isn't taken. $news_url = trim($news_url, " /\t\r\n"); cms_route_manager::load_routes(); $route = cms_route_manager::find_match($news_url); if ($route) { // we're adding an article, not editing... any matching route is bad. $error = $this->ShowErrors($this->Lang('error_invalidurl')); } } } // // database work // if ($error !== FAlSE) { echo $error; } else { $articleid = $db->GenID(cms_db_prefix() . "module_news_seq"); $query = 'INSERT INTO ' . cms_db_prefix() . 'module_news (news_id, news_category_id, news_title, news_data, summary, status, news_date, start_time, end_time, create_date, modified_date,author_id,news_extra,news_url) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?)';