Added : url string validation

htdocs/includes/menus/barre_top/auguria_backoffice.php

@@ -64,7 +64,6 @@ class MenuTop {
       if (isset($_GET["idmenu"]))   $_SESSION["idmenu"]=$_GET["idmenu"];
       $_SESSION["leftmenuopened"]="";
       
-
       $menuArbo = new Menubase($this->db,'auguria','top');
       $tabMenu = $menuArbo->menuTopCharger(0,$_SESSION['mainmenu'], 'auguria');
       

htdocs/includes/menus/barre_top/eldy_backoffice.php

@@ -351,7 +351,6 @@ class MenuTop {
         	}
         }
         
-
         // Affichage des menus personnalises
        	require_once(DOL_DOCUMENT_ROOT."/core/menubase.class.php");
 

htdocs/langs/en_US/errors.lang

@@ -18,6 +18,7 @@ ErrorBadCustomerCodeSyntax=Bad syntax for customer code
 ErrorCustomerCodeRequired=Customer code required
 ErrorCustomerCodeAlreadyUsed=Customer code already used
 ErrorPrefixRequired=Prefix required
+ErrorUrlNotValid=The website address is incorrect
 ErrorBadSupplierCodeSyntax=Bad syntax for supplier code
 ErrorSupplierCodeRequired=Supplier code required
 ErrorSupplierCodeAlreadyUsed=Supplier code already used

htdocs/langs/fr_FR/errors.lang

@@ -18,6 +18,7 @@ ErrorBadCustomerCodeSyntax=La syntaxe du code client est incorrect
 ErrorCustomerCodeRequired=Code client obligatoire
 ErrorCustomerCodeAlreadyUsed=Code client deja utilise
 ErrorPrefixRequired=Prefix obligatoire
+ErrorUrlNotValid=L'adresse du site web est incorrect
 ErrorBadSupplierCodeSyntax=La syntaxe du code fournisseur est incorrect
 ErrorSupplierCodeRequired=Code fournisseur obligatoire
 ErrorSupplierCodeAlreadyUsed=Code fournisseur deja utilise

htdocs/lib/functions.lib.php

@@ -2379,13 +2379,60 @@ function clean_url($url,$http=1)
 		}
 
 		// On passe le nom de domaine en minuscule
-		$url = eregi_replace('^'.$proto.$domain, $newproto.strtolower($domain), $url);
+		$CleanUrl = eregi_replace('^'.$proto.$domain, $newproto.strtolower($domain), $url);
 
-		return $url;
+		return $CleanUrl;
 	}
 }
 
 
+/**
+ *	\brief   	Url string validation
+ *  \remarks  <http[s]> :// [user[:pass]@] hostname [port] [/path] [?getquery] [anchor]
+ *	\param   	url			Url
+ *  \param   	http		1: verify http, 0: not verify http
+ *  \param   	pass		1: verify user and pass, 0: not verify user and pass
+ *  \param   	port		1: verify port, 0: not verify port
+ *  \param   	path		1: verify path, 0: not verify path
+ *  \param   	query		1: verify query, 0: not verify query
+ *  \param   	anchor	1: verify anchor, 0: not verify anchor
+ *	\return  	string	    ValidUrl
+ */
+function valid_url($url,$http=0,$pass=0,$port=0,$path=0,$query=0,$anchor=0)
+{
+	$ValidUrl = 0;
+	$urlregex = '';
+	
+	// SCHEME
+	if ($http) $urlregex .= "^(http:\/\/|https:\/\/)";
+	
+	// USER AND PASS
+	if ($pass) $urlregex .= "([a-z0-9+!*(),;?&=\$_.-]+(\:[a-z0-9+!*(),;?&=\$_.-]+)?@)";
+	
+	// HOSTNAME OR IP
+	//$urlregex .= "[a-z0-9+\$_-]+(\.[a-z0-9+\$_-]+)*";  // http://x = allowed (ex. http://localhost, http://routerlogin)
+	//$urlregex .= "[a-z0-9+\$_-]+(\.[a-z0-9+\$_-]+)+";  // http://x.x = minimum
+	$urlregex .= "([a-z0-9+\$_-]+\.)*[a-z0-9+\$_-]{2,3}";  // http://x.xx(x) = minimum
+	//use only one of the above
+	
+	// PORT
+	if ($port) $urlregex .= "(\:[0-9]{2,5})";
+	// PATH
+	if ($path) $urlregex .= "(\/([a-z0-9+\$_-]\.?)+)*\/";
+	// GET Query
+	if ($query) $urlregex .= "(\?[a-z+&\$_.-][a-z0-9;:@/&%=+\$_.-]*)";
+	// ANCHOR
+	if($anchor) $urlregex .= "(#[a-z_.-][a-z0-9+\$_.-]*)\$";
+	
+	// check
+	if (eregi($urlregex, $url))
+	{
+		$ValidUrl = 1;
+	}
+	
+	return $ValidUrl;
+}
+
 
 /**
  *	\brief   	Clean a string from all HTML tags and entities

htdocs/societe.class.php

@@ -294,6 +294,11 @@ class Societe extends CommonObject
 				$result = -3;
 			}
 		}
+		if (valid_url($this->url) == 0)
+		{
+			$this->errors[] = 'ErrorUrlNotValid';
+			$result = -4;
+		}
 
 		return $result;
 	}