Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 3.11.x will end 14 Nov 2022 (12 months plus 6 months extension).
  • Bug fixes for security issues in 3.11.x will end 13 Nov 2023 (18 months plus 12 months extension).
  • PHP version: minimum PHP 7.3.0 Note: minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is supported too.
   1  <?php
   2  
   3  /**

   4   * Validates an IPv6 address.

   5   * @author Feyd @ forums.devnetwork.net (public domain)

   6   * @note This function requires brackets to have been removed from address

   7   *       in URI.

   8   */
   9  class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4
  10  {
  11  
  12      /**

  13       * @param string $aIP

  14       * @param HTMLPurifier_Config $config

  15       * @param HTMLPurifier_Context $context

  16       * @return bool|string

  17       */
  18      public function validate($aIP, $config, $context)
  19      {
  20          if (!$this->ip4) {
  21              $this->_loadRegex();
  22          }
  23  
  24          $original = $aIP;
  25  
  26          $hex = '[0-9a-fA-F]';
  27          $blk = '(?:' . $hex . '{1,4})';
  28          $pre = '(?:/(?:12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))'; // /0 - /128

  29  
  30          //      prefix check

  31          if (strpos($aIP, '/') !== false) {
  32              if (preg_match('#' . $pre . '$#s', $aIP, $find)) {
  33                  $aIP = substr($aIP, 0, 0 - strlen($find[0]));
  34                  unset($find);
  35              } else {
  36                  return false;
  37              }
  38          }
  39  
  40          //      IPv4-compatiblity check

  41          if (preg_match('#(?<=:' . ')' . $this->ip4 . '$#s', $aIP, $find)) {
  42              $aIP = substr($aIP, 0, 0 - strlen($find[0]));
  43              $ip = explode('.', $find[0]);
  44              $ip = array_map('dechex', $ip);
  45              $aIP .= $ip[0] . $ip[1] . ':' . $ip[2] . $ip[3];
  46              unset($find, $ip);
  47          }
  48  
  49          //      compression check

  50          $aIP = explode('::', $aIP);
  51          $c = count($aIP);
  52          if ($c > 2) {
  53              return false;
  54          } elseif ($c == 2) {
  55              list($first, $second) = $aIP;
  56              $first = explode(':', $first);
  57              $second = explode(':', $second);
  58  
  59              if (count($first) + count($second) > 8) {
  60                  return false;
  61              }
  62  
  63              while (count($first) < 8) {
  64                  array_push($first, '0');
  65              }
  66  
  67              array_splice($first, 8 - count($second), 8, $second);
  68              $aIP = $first;
  69              unset($first, $second);
  70          } else {
  71              $aIP = explode(':', $aIP[0]);
  72          }
  73          $c = count($aIP);
  74  
  75          if ($c != 8) {
  76              return false;
  77          }
  78  
  79          //      All the pieces should be 16-bit hex strings. Are they?

  80          foreach ($aIP as $piece) {
  81              if (!preg_match('#^[0-9a-fA-F]{4}$#s', sprintf('%04s', $piece))) {
  82                  return false;
  83              }
  84          }
  85          return $original;
  86      }
  87  }
  88  
  89  // vim: et sw=4 sts=4