diff options
Diffstat (limited to 'includes/StringUtils.php')
-rw-r--r-- | includes/StringUtils.php | 176 |
1 files changed, 133 insertions, 43 deletions
diff --git a/includes/StringUtils.php b/includes/StringUtils.php index 43275a66..c1545e6e 100644 --- a/includes/StringUtils.php +++ b/includes/StringUtils.php @@ -24,6 +24,92 @@ * A collection of static methods to play with strings. */ class StringUtils { + + /** + * Test whether a string is valid UTF-8. + * + * The function check for invalid byte sequences, overlong encoding but + * not for different normalisations. + * + * This relies internally on the mbstring function mb_check_encoding() + * hardcoded to check against UTF-8. Whenever the function is not available + * we fallback to a pure PHP implementation. Setting $disableMbstring to + * true will skip the use of mb_check_encoding, this is mostly intended for + * unit testing our internal implementation. + * + * @since 1.21 + * @note In MediaWiki 1.21, this function did not provide proper UTF-8 validation. + * In particular, the pure PHP code path did not in fact check for overlong forms. + * Beware of this when backporting code to that version of MediaWiki. + * + * @param string $value String to check + * @param boolean $disableMbstring Whether to use the pure PHP + * implementation instead of trying mb_check_encoding. Intended for unit + * testing. Default: false + * + * @return boolean Whether the given $value is a valid UTF-8 encoded string + */ + static function isUtf8( $value, $disableMbstring = false ) { + $value = (string)$value; + + // If the mbstring extension is loaded, use it. However, before PHP 5.4, values above + // U+10FFFF are incorrectly allowed, so we have to check for them separately. + if ( !$disableMbstring && function_exists( 'mb_check_encoding' ) ) { + static $newPHP; + if ( $newPHP === null ) { + $newPHP = !mb_check_encoding( "\xf4\x90\x80\x80", 'UTF-8' ); + } + + return mb_check_encoding( $value, 'UTF-8' ) && + ( $newPHP || preg_match( "/\xf4[\x90-\xbf]|[\xf5-\xff]/S", $value ) === 0 ); + } + + if ( preg_match( "/[\x80-\xff]/S", $value ) === 0 ) { + // String contains only ASCII characters, has to be valid + return true; + } + + // PCRE implements repetition using recursion; to avoid a stack overflow (and segfault) + // for large input, we check for invalid sequences (<= 5 bytes) rather than valid + // sequences, which can be as long as the input string is. Multiple short regexes are + // used rather than a single long regex for performance. + static $regexes; + if ( $regexes === null ) { + $cont = "[\x80-\xbf]"; + $after = "(?!$cont)"; // "(?:[^\x80-\xbf]|$)" would work here + $regexes = array( + // Continuation byte at the start + "/^$cont/", + + // ASCII byte followed by a continuation byte + "/[\\x00-\x7f]$cont/S", + + // Illegal byte + "/[\xc0\xc1\xf5-\xff]/S", + + // Invalid 2-byte sequence, or valid one then an extra continuation byte + "/[\xc2-\xdf](?!$cont$after)/S", + + // Invalid 3-byte sequence, or valid one then an extra continuation byte + "/\xe0(?![\xa0-\xbf]$cont$after)/", + "/[\xe1-\xec\xee\xef](?!$cont{2}$after)/S", + "/\xed(?![\x80-\x9f]$cont$after)/", + + // Invalid 4-byte sequence, or valid one then an extra continuation byte + "/\xf0(?![\x90-\xbf]$cont{2}$after)/", + "/[\xf1-\xf3](?!$cont{3}$after)/S", + "/\xf4(?![\x80-\x8f]$cont{2}$after)/", + ); + } + + foreach ( $regexes as $regex ) { + if ( preg_match( $regex, $value ) !== 0 ) { + return false; + } + } + return true; + } + /** * Perform an operation equivalent to * @@ -65,16 +151,16 @@ class StringUtils { * memory. The delimiters are literal strings, not regular expressions. * * If the start delimiter ends with an initial substring of the end delimiter, - * e.g. in the case of C-style comments, the behaviour differs from the model + * e.g. in the case of C-style comments, the behavior differs from the model * regex. In this implementation, the end must share no characters with the * start, so e.g. /*\/ is not considered to be both the start and end of a * comment. /*\/xy/*\/ is considered to be a single comment with contents /xy/. * - * @param $startDelim String: start delimiter - * @param $endDelim String: end delimiter + * @param string $startDelim start delimiter + * @param string $endDelim end delimiter * @param $callback Callback: function to call on each match * @param $subject String - * @param $flags String: regular expression flags + * @param string $flags regular expression flags * @throws MWException * @return string */ @@ -90,12 +176,12 @@ class StringUtils { $m = array(); while ( $inputPos < strlen( $subject ) && - preg_match( "!($encStart)|($encEnd)!S$flags", $subject, $m, PREG_OFFSET_CAPTURE, $inputPos ) ) + preg_match( "!($encStart)|($encEnd)!S$flags", $subject, $m, PREG_OFFSET_CAPTURE, $inputPos ) ) { $tokenOffset = $m[0][1]; if ( $m[1][0] != '' ) { if ( $foundStart && - $strcmp( $endDelim, substr( $subject, $tokenOffset, $endLength ) ) == 0 ) + $strcmp( $endDelim, substr( $subject, $tokenOffset, $endLength ) ) == 0 ) { # An end match is present at the same location $tokenType = 'end'; @@ -155,12 +241,12 @@ class StringUtils { * * preg_replace( "!$startDelim(.*)$endDelim!$flags", $replace, $subject ) * - * @param $startDelim String: start delimiter regular expression - * @param $endDelim String: end delimiter regular expression - * @param $replace String: replacement string. May contain $1, which will be + * @param string $startDelim start delimiter regular expression + * @param string $endDelim end delimiter regular expression + * @param string $replace replacement string. May contain $1, which will be * replaced by the text between the delimiters - * @param $subject String to search - * @param $flags String: regular expression flags + * @param string $subject to search + * @param string $flags regular expression flags * @return String: The string with the matches replaced */ static function delimiterReplace( $startDelim, $endDelim, $replace, $subject, $flags = '' ) { @@ -172,8 +258,8 @@ class StringUtils { /** * More or less "markup-safe" explode() * Ignores any instances of the separator inside <...> - * @param $separator String - * @param $text String + * @param string $separator + * @param string $text * @return array */ static function explodeMarkup( $separator, $text ) { @@ -188,7 +274,7 @@ class StringUtils { // Explode, then put the replaced separators back in $items = explode( $separator, $cleaned ); - foreach( $items as $i => $str ) { + foreach ( $items as $i => $str ) { $items[$i] = str_replace( $placeholder, $separator, $str ); } @@ -199,8 +285,8 @@ class StringUtils { * Escape a string to make it suitable for inclusion in a preg_replace() * replacement parameter. * - * @param $string String - * @return String + * @param string $string + * @return string */ static function escapeRegexReplacement( $string ) { $string = str_replace( '\\', '\\\\', $string ); @@ -211,8 +297,8 @@ class StringUtils { /** * Workalike for explode() with limited memory usage. * Returns an Iterator - * @param $separator - * @param $subject + * @param string $separator + * @param string $subject * @return ArrayIterator|ExplodeIterator */ static function explode( $separator, $subject ) { @@ -245,14 +331,14 @@ class RegexlikeReplacer extends Replacer { var $r; /** - * @param $r string + * @param string $r */ function __construct( $r ) { $this->r = $r; } /** - * @param $matches array + * @param array $matches * @return string */ function replace( $matches ) { @@ -273,7 +359,7 @@ class DoubleReplacer extends Replacer { /** * @param $from * @param $to - * @param $index int + * @param int $index */ function __construct( $from, $to, $index = 0 ) { $this->from = $from; @@ -282,7 +368,7 @@ class DoubleReplacer extends Replacer { } /** - * @param $matches array + * @param array $matches * @return mixed */ function replace( $matches ) { @@ -298,7 +384,7 @@ class HashtableReplacer extends Replacer { /** * @param $table - * @param $index int + * @param int $index */ function __construct( $table, $index = 0 ) { $this->table = $table; @@ -306,7 +392,7 @@ class HashtableReplacer extends Replacer { } /** - * @param $matches array + * @param array $matches * @return mixed */ function replace( $matches ) { @@ -344,6 +430,7 @@ class ReplacementArray { /** * Set the whole replacement array at once + * @param array $data */ function setArray( $data ) { $this->data = $data; @@ -359,8 +446,8 @@ class ReplacementArray { /** * Set an element of the replacement array - * @param $from string - * @param $to stromg + * @param string $from + * @param string $to */ function setPair( $from, $to ) { $this->data[$from] = $to; @@ -368,7 +455,7 @@ class ReplacementArray { } /** - * @param $data array + * @param array $data */ function mergeArray( $data ) { $this->data = array_merge( $this->data, $data ); @@ -376,7 +463,7 @@ class ReplacementArray { } /** - * @param $other + * @param ReplacementArray $other */ function merge( $other ) { $this->data = array_merge( $this->data, $other->data ); @@ -384,39 +471,39 @@ class ReplacementArray { } /** - * @param $from string + * @param string $from */ function removePair( $from ) { - unset($this->data[$from]); + unset( $this->data[$from] ); $this->fss = false; } /** - * @param $data array + * @param array $data */ function removeArray( $data ) { - foreach( $data as $from => $to ) { + foreach ( $data as $from => $to ) { $this->removePair( $from ); } $this->fss = false; } /** - * @param $subject string + * @param string $subject * @return string */ function replace( $subject ) { if ( function_exists( 'fss_prep_replace' ) ) { - wfProfileIn( __METHOD__.'-fss' ); + wfProfileIn( __METHOD__ . '-fss' ); if ( $this->fss === false ) { $this->fss = fss_prep_replace( $this->data ); } $result = fss_exec_replace( $this->fss, $subject ); - wfProfileOut( __METHOD__.'-fss' ); + wfProfileOut( __METHOD__ . '-fss' ); } else { - wfProfileIn( __METHOD__.'-strtr' ); + wfProfileIn( __METHOD__ . '-strtr' ); $result = strtr( $subject, $this->data ); - wfProfileOut( __METHOD__.'-strtr' ); + wfProfileOut( __METHOD__ . '-strtr' ); } return $result; } @@ -424,7 +511,7 @@ class ReplacementArray { /** * An iterator which works exactly like: - * + * * foreach ( explode( $delim, $s ) as $element ) { * ... * } @@ -449,15 +536,15 @@ class ExplodeIterator implements Iterator { /** * Construct a DelimIterator - * @param $delim string - * @param $s string + * @param string $delim + * @param string $subject */ - function __construct( $delim, $s ) { - $this->subject = $s; + function __construct( $delim, $subject ) { + $this->subject = $subject; $this->delim = $delim; // Micro-optimisation (theoretical) - $this->subjectLength = strlen( $s ); + $this->subjectLength = strlen( $subject ); $this->delimLength = strlen( $delim ); $this->rewind(); @@ -485,6 +572,9 @@ class ExplodeIterator implements Iterator { return $this->current; } + /** + * @return int|bool Current position or boolean false if invalid + */ function key() { return $this->curPos; } |