From 7acec3e87c17fbbbc3f2f3b43bbca0120ad5619b Mon Sep 17 00:00:00 2001
From: Darren Douglas Lee aka Dee <dlee@dosomething.org>
Date: Sun, 28 Jul 2013 23:19:14 -0400
Subject: [PATCH] Fixed path validation: _optimizely_valid_paths()

---
 optimizely.admin.inc | 52 ++++++++++++++++++++++++++++++--------------
 1 file changed, 36 insertions(+), 16 deletions(-)

diff --git a/optimizely.admin.inc b/optimizely.admin.inc
index c31b242..4070825 100644
--- a/optimizely.admin.inc
+++ b/optimizely.admin.inc
@@ -186,7 +186,6 @@ function optimizely_add_update_form_validate($form, &$form_state) {
     // Confirm project_code is unique or the entered project code is also the account ID - SELECT the project title in prep for related form error message
     $query = db_query('SELECT project_title FROM {optimizely} WHERE
       project_code = :project_code ORDER BY oid DESC', array(':project_code' => $form_state['values']['optimizely_project_code']));
-    
     $query_count = $query->rowCount();
    
     // Flag submission if existing entry is found with the same project code value AND it's not an SINGLE entry to replace the "default" entry.
@@ -617,7 +616,7 @@ function optimizely_ajax_enable() {
     $target_include = $result->include;
     
     // Check that the paths are valid for the newly enabled project
-    $valid_paths = _optimizely_valid_paths($target_path_array);
+    $valid_paths = _optimizely_valid_paths($target_paths);
     
     // Check to see if the enable project has path entries that will result in
     // duplicates with other enable projects
@@ -842,25 +841,46 @@ function _optimizely_unique_paths($target_paths, $target_include = TRUE, $target
  * @return
  *   boolean of TRUE if the paths are valid or a string of the path that failed.
  */
-function _optimizely_valid_paths($target_paths) {
+function _optimizely_valid_paths($project_paths) {
   
    // Validate entered paths to confirm the paths exist on the website
-  foreach ($target_paths as $project_path) {
-    
-    // Deal with wildcards
-    if (strpos($project_path, '*') !== FALSE) {
-      $project_path = substr($project_path, 0, strpos($project_path, '*'));
-    }
-    
-    // Skip validation if <front> is path value
-    if (strpos($project_path, '<front>') === FALSE) {
-    
-      // Test for valid path
-      $path_found = drupal_lookup_path('source', $project_path);
-      if (!$path_found) {
+  foreach ($project_paths as $project_path) {
+      
+    // Check for site wide wildcard
+    if (strpos($project_path, '*') === 0) {
+        return TRUE;
+    } // Path wildcards
+    elseif (strpos($project_path, '*') !== FALSE) {
+      
+      $project_wildpath = substr($project_path, 0, strpos($project_path, '*') - 1);
+      
+      // select * from url_alias where source like 'article%' or alias like 'article%';
+      
+      // Look for entries in url_aias
+      $query = db_query("SELECT * FROM {url_alias} WHERE
+        source LIKE :project_wildpath OR alias LIKE :project_wildpath",
+        array(':project_wildpath' => $project_wildpath . '%'));
+      $project_wildpath_match = $query->rowCount();
+      
+      // No matches found for wildcard path
+      if (!$project_wildpath_match) {
         return $project_path;
       }
       
+    } // Specific path
+    else {
+    
+      // Validation if path valid menu router entry, includes support for <front>
+      if (drupal_valid_path($project_path, TRUE) === FALSE) {
+        
+        // Look for entry in url_alias table
+        if (drupal_lookup_path('alias', $project_path) === FALSE &&
+            drupal_lookup_path('source', $project_path) === FALSE) {
+          return $project_path;
+        }
+        
+      }
+        
     }
     
   }
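Review bot: The site-wide wildcard branch does `return TRUE;` from inside the `foreach`, so any paths listed after an entry starting with `*` are never validated; `continue;` would skip only that entry. In the path-wildcard branch, `strpos($project_path, '*') - 1` also drops the character before the `*`, so `article/*` is matched as `article%`, and a one-character prefix such as `a*` becomes the pattern `%`, which matches every row in `url_alias`. The prefix is passed to LIKE unescaped as well, so a `%` or `_` in an entered path acts as a pattern character; I would build the argument as `db_like(substr($project_path, 0, strpos($project_path, '*'))) . '%'`. The function's final return and closing brace lie outside the hunk, so this assumes the loop falls through to a `return TRUE` once every path has passed.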
-- 
GitLab