Added control for ascii characters

2022-03-24 13:53:22 +01:00 · 2022-03-24 13:53:22 +01:00 · 61713b453a
parent a90e31be4f
commit 61713b453a
2 changed files with 45 additions and 3 deletions
--- a/pandora_console/include/class/CredentialStore.class.php
+++ b/pandora_console/include/class/CredentialStore.class.php
@ -623,11 +623,13 @@ class CredentialStore extends Wizard
            $error = __('You must select a group where store this key!');
        } else if (empty($product) === true) {
            $error = __('You must specify a product type');
-        } else if (empty($username) === true && (empty($password) === true)) {
+        } else if (empty($username) === true || (empty($password) === true)) {
            $error = __('You must specify a username and/or password');
+        } else if (evaluate_ascii_valid_string(io_safe_output($identifier)) === false) {
+            $error = __('Identifier with forbidden characters. Check the documentation.');
        }

-        if (isset($error)) {
+        if (isset($error) === true) {
            $this->ajaxMsg('error', $error);
            exit;
        }
--- a/pandora_console/include/graphs/functions_utils.php
+++ b/pandora_console/include/graphs/functions_utils.php
@ -328,3 +328,43 @@ function convert_array_multi($array, $glue)
    $result = substr($result, 0, (0 - strlen($glue)));
    return $result;
 }
+
+
+/**
+ * Evaluate if the chars of coming variable has in the range stablished.
+ *
+ * @param string $string String for be evaluated.
+ * @param array  $ranges Ranges for valid chars. Min: [ x <= Y ] Max: [ Y > x ].
+ * Example of valid ranges: [ '32:126', '150:188' ].
+ *
+ * @return boolean.
+ */
+function evaluate_ascii_valid_string(string $string='', array $ranges=[ '33:38', '40:126' ])
+{
+    if (empty($string) === true) {
+        return false;
+    }
+
+    $countChars = strlen($string);
+    // Let's explore all the chars.
+    for ($i = 0; $i < $countChars; $i++) {
+        // Get ascii number of the char.
+        $asciiNumber = ord($string[$i]);
+        // Check in all ranges.
+        $rangeValidation = false;
+        foreach ($ranges as $range) {
+            list($minRangeValue, $maxRangeValue) = explode(':', $range, 2);
+            // Check if is in range.
+            if ($asciiNumber > (int) $minRangeValue && $asciiNumber < (int) $maxRangeValue) {
+                $rangeValidation = true;
+            }
+        }
+
+        // None of the ranges was validated.
+        if ($rangeValidation === false) {
+            return false;
+        }
+    }
+
+    return true;
+}