Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-04-26 17:29:21 +02:00
Code Issues Packages Projects Releases Wiki Activity
myaac/system/libs/validator.php
slawkens 60eac97945 Fix creating very uncommon (bugged) account names 
(cherry picked from commit 0326657d60c3f44bbd64d5cb22d4cbc5499dea88)
2020-07-07 01:23:53 +02:00

452 lines
11 KiB
PHP
Raw Blame History

<?php
/**
* Validator class
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
class Validator
{
private static $lastError = '';
public static function number($number) {
if(!preg_match("/^([0-9]+)$/", $number)) {
self::$lastError = 'Invalid number format.';
return false;
}
return true;
}
/**
* Validate account id
* Id lenght must be 6-10 chars
*
* @param string $id Account id to check
* @return bool Is account name valid?
*/
public static function accountId($id)
{
if(!isset($id[0]))
{
self::$lastError = 'Please enter your account number!';
return false;
}
if(!Validator::number($id)) {
self::$lastError = 'Invalid account number format. Please use only numbers 0-9.';
return false;
}
$length = strlen($id);
if($length < 6)
{
self::$lastError = 'Account is too short (min. 6 chars).';
return false;
}
if($length > 10)
{
self::$lastError = 'Account is too long (max. 10 chars).';
return false;
}
return true;
}
/**
* Validate account name
* Name lenght must be 3-32 chars
*
* @param string $name Account name to check
* @return bool Is account name valid?
*/
public static function accountName($name)
{
if(!isset($name[0]))
{
self::$lastError = 'Please enter your account name!';
return false;
}
$length = strlen($name);
if($length < 3)
{
self::$lastError = 'Account name is too short (min. 3 chars).';
return false;
}
if($length > 32)
{
self::$lastError = 'Account name is too long (max. 32 chars).';
return false;
}
if(preg_match('/ {2,}/', $name))
{
self::$lastError = 'Invalid account name format. Use only A-Z and numbers 0-9 and no double spaces.';
return false;
}
if(!preg_match("/^[A-Z0-9]+$/i", $name))
{
self::$lastError = 'Invalid account name format. Use only A-Z and numbers 0-9.';
return false;
}
return true;
}
/**
* Advanced mail validator
*
* @param string $email
* @return bool Is email valid?
*/
public static function email($email) {
if(empty($email)) {
self::$lastError = 'Please enter your new email address.';
return false;
}
if(strlen($email) > 255) {
self::$lastError = 'E-mail is too long (max. 255 chars).';
return false;
}
if(config('account_mail_block_plus_sign')) {
$explode = explode('@', $email);
if(isset($explode[0]) && (strpos($explode[0],'+') !== false)) {
self::$lastError = 'Please do not use plus (+) sign in your e-mail.';
return false;
}
}
if(!preg_match('/^(?:[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+\.)*[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+@(?:(?:(?:[a-zA-Z0-9_](?:[A-z0-9_\-](?!\.)){0,61}[a-zA-Z0-9_]?\.)+[a-zA-Z0-9_](?:[a-zA-Z0-9_\-](?!$)){0,61}[a-zA-Z0-9_]?)|(?:\[(?:(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\.){3}(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\]))$/', $email)) {
self::$lastError = 'Invalid e-mail format.';
return false;
}
return true;
}
/**
* Validate account password
* Name lenght must be 3-32 chars
*
* @param string $name Account name to check
* @return bool Is account name valid?
*/
public static function password($password)
{
if (!isset($password[0])) {
self::$lastError = 'Please enter the password.';
return false;
}
if (strlen($password) < 8 || strlen($password) > 30) {
self::$lastError = 'The password must have at least 8 and maximum 30 letters!';
return false;
}
if(strspn($password, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM1234567890") != strlen($password)) {
self::$lastError = 'Password contains illegal letters (a-z, A-Z and 0-9 only!).';
return false;
}
if(!ctype_alnum($password)) {
self::$lastError = 'Password contains illegal letters (a-z, A-Z and 0-9 only!).';
return false;
}
if(!preg_match('/[a-zA-Z]/', $password)) {
self::$lastError = 'The password must contain at least one letter A-Z or a-z!';
return false;
}
if(!preg_match('/[0-9]/', $password)) {
self::$lastError = 'The password must contain at least one letter other than A-Z or a-z!';
return false;
}
return true;
}
/**
* Validate character name.
* Name lenght must be 3-25 chars
*
* @param string $name Name to check
* @return bool Is name valid?
*/
public static function characterName($name)
{
if(!isset($name[0]))
{
self::$lastError = 'Please enter character name.';
return false;
}
$length = strlen($name);
if($length < 3)
{
self::$lastError = 'Character name is too short. Min. length <b>3</b> characters.';
return false;
}
if($length > 25)
{
self::$lastError = 'Character name is too long. Max. length <b>25</b> characters.';
return false;
}
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- [ ] '") != $length)
{
self::$lastError = "Invalid name format. Use only A-Z, spaces and '.";
return false;
}
if(preg_match('/ {2,}/', $name))
{
self::$lastError = 'Invalid character name format. Use only A-Z and numbers 0-9 and no double spaces.';
return false;
}
if(!preg_match("/[A-z ']/", $name))
{
self::$lastError = "Invalid name format. Use only A-Z, spaces and '.";
return false;
}
return true;
}
/**
* Validate new character name.
* Name lenght must be 3-25 chars
*
* @param string $name Name to check
* @return bool Is name valid?
*/
public static function newCharacterName($name)
{
global $db, $config;
$name_lower = strtolower($name);
$first_words_blocked = array('admin ', 'administrator ', 'gm ', 'cm ', 'god ','tutor ', "'", '-');
foreach($first_words_blocked as $word)
{
if($word == substr($name_lower, 0, strlen($word))) {
self::$lastError = 'Your name contains blocked words.';
return false;
}
}
if(substr($name_lower, -1) == "'" || substr($name_lower, -1) == "-") {
self::$lastError = 'Your name contains illegal characters.';
return false;
}
if(substr($name_lower, 1, 1) == ' ') {
self::$lastError = 'Your name contains illegal space.';
return false;
}
if(substr($name_lower, -2, 1) == " ") {
self::$lastError = 'Your name contains illegal space.';
return false;
}
if(preg_match('/ {2,}/', $name))
{
self::$lastError = 'Invalid character name format. Use only A-Z and numbers 0-9 and no double spaces.';
return false;
}
if(strtolower($config['lua']['serverName']) == $name_lower) {
self::$lastError = 'Your name cannot be same as server name.';
return false;
}
$names_blocked = array('admin', 'administrator', 'gm', 'cm', 'god', 'tutor');
foreach($names_blocked as $word)
{
if($word == $name_lower) {
self::$lastError = 'Your name contains blocked words.';
return false;
}
}
$words_blocked = array('admin', 'administrator', 'gamemaster', 'game master', 'game-master', "game'master", '--', "''","' ", " '", '- ', ' -', "-'", "'-", 'fuck', 'sux', 'suck', 'noob', 'tutor');
foreach($words_blocked as $word)
{
if(!(strpos($name_lower, $word) === false)) {
self::$lastError = 'Your name contains illegal words.';
return false;
}
}
$name_length = strlen($name_lower);
for($i = 0; $i < $name_length; $i++)
{
if(isset($name_lower[$i]) && isset($name_lower[$i + 1]) && $name_lower[$i] == $name_lower[$i + 1] && isset($name_lower[$i + 2]) && $name_lower[$i] == $name_lower[$i + 2]) {
self::$lastError = 'Your name is invalid.';
return false;
}
}
$player = new OTS_Player();
$player->find($name);
if($player->isLoaded()) {
self::$lastError = 'Character with this name already exist.';
return false;
}
//check if was namelocked previously
if($db->hasTable('player_namelocks') && $db->hasColumn('player_namelocks', 'name')) {
$namelock = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($name));
if($namelock->rowCount() > 0) {
self::$lastError = 'Character with this name has been namelocked.';
return false;
}
}
$monsters = $db->query('SELECT `name` FROM `' . TABLE_PREFIX . 'monsters` WHERE `name` LIKE ' . $db->quote($name_lower));
if($monsters->rowCount() > 0) {
self::$lastError = 'Your name cannot contains monster name.';
return false;
}
$spells_name = $db->query('SELECT `name` FROM `' . TABLE_PREFIX . 'spells` WHERE `name` LIKE ' . $db->quote($name_lower));
if($spells_name->rowCount() > 0) {
self::$lastError = 'Your name cannot contains spell name.';
return false;
}
$spells_words = $db->query('SELECT `words` FROM `' . TABLE_PREFIX . 'spells` WHERE `words` = ' . $db->quote($name_lower));
if($spells_words->rowCount() > 0) {
self::$lastError = 'Your name cannot contains spell name.';
return false;
}
if(isset($config['npc']))
{
if(in_array($name_lower, $config['npc'])) {
self::$lastError = 'Your name cannot contains NPC name.';
return false;
}
}
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- '") != $name_length) {
self::$lastError = 'This name contains invalid letters, words or format. Please use only a-Z, - , \' and space.';
return false;
}
if(!preg_match("/[A-z ']/", $name)) {
self::$lastError = 'Your name containst illegal characters.';
return false;
}
return true;
}
/**
* Validate guild name
* Name lenght must be 3-32 chars
*
* @param string $name Name to check
* @return bool Is name valid?
*/
public static function guildName($name)
{
if(empty($name)) {
self::$lastError = 'Please enter guild name.';
return false;
}
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789- ") != strlen($name)) {
self::$lastError = 'Invalid guild name format.';
return false;
}
if(!preg_match("/[A-z ]{3,32}/", $name)) {
self::$lastError = 'Invalid guild name format.';
return false;
}
return true;
}
/**
* Validate guild nick
* Nick lenght must be 3-40 chars
*
* @param string $name Name to check
* @return bool Is name valid?
*/
public static function guildNick($name)
{
if(empty($name)) {
self::$lastError = 'Please enter guild nick.';
return false;
}
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789- ") != strlen($name)) {
self::$lastError = 'Invalid guild nick format.';
return false;
}
if(!preg_match("/[A-z ]{3,40}/", $name)) {
self::$lastError = 'Invalid guild nick format.';
return false;
}
return true;
}
/**
* Validate rank name
* Rank lenght must be 1-32 chars
*
* @param string $name Name to check
* @return bool Is name valid?
*/
public static function rankName($name)
{
if(empty($name)) {
self::$lastError = 'Please enter rank name.';
return false;
}
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789-[ ] ") != strlen($name)) {
self::$lastError = 'Invalid rank name. Please use only a-Z, 0-9 and spaces.';
return false;
}
if(!preg_match("/[A-z ]{1,32}/", $name)) {
self::$lastError = 'Invalid rank name. Please use only a-Z, 0-9 and spaces.';
return false;
}
return true;
}
/**
* Simple string validator, checks if string contains valid characters
*
* @param string $str String to validate
* @param boolean $numbers Numbers should be allowed?
*/
public static function str($str, $numbers = false) {
return preg_match('/^[a-z0-9\ ]*$/i', $str);
}
public static function getLastError() {
return self::$lastError;
}
}
?>
Reference in New Issue View Git Blame Copy Permalink