Context Navigation

source: branches/rsr.v5.1.dev/web/punbb/include/utf8/utils/validation.php @ 6

Last change on this file since 6 was 3, checked in by dj3c1t, 13 years ago
passage a Fluxbb 1.4.7
File size: 5.3 KB

Line
1	<?php
2
3	/**
4	* @version $Id: validation.php,v 1.2 2006/02/26 13:20:44 harryf Exp $
5	* Tools for validing a UTF-8 string is well formed.
6	* The Original Code is Mozilla Communicator client code.
7	* The Initial Developer of the Original Code is
8	* Netscape Communications Corporation.
9	* Portions created by the Initial Developer are Copyright (C) 1998
10	* the Initial Developer. All Rights Reserved.
11	* Ported to PHP by Henri Sivonen (http://hsivonen.iki.fi)
12	* Slight modifications to fit with phputf8 library by Harry Fuecks (hfuecks gmail com)
13	* @see http://lxr.mozilla.org/seamonkey/source/intl/uconv/src/nsUTF8ToUnicode.cpp
14	* @see http://lxr.mozilla.org/seamonkey/source/intl/uconv/src/nsUnicodeToUTF8.cpp
15	* @see http://hsivonen.iki.fi/php-utf8/
16	* @package utf8
17	* @subpackage validation
18	*/
19
20	/**
21	* Tests a string as to whether it's valid UTF-8 and supported by the
22	* Unicode standard
23	* Note: this function has been modified to simple return true or false
24	* @author <hsivonen@iki.fi>
25	* @param string UTF-8 encoded string
26	* @return boolean true if valid
27	* @see http://hsivonen.iki.fi/php-utf8/
28	* @see utf8_compliant
29	* @package utf8
30	* @subpackage validation
31	*/
32	function utf8_is_valid($str)
33	{
34	$mState = 0; // Cached expected number of octets after the current octet
35	// until the beginning of the next UTF8 character sequence
36	$mUcs4 = 0; // Cached Unicode character
37	$mBytes = 1; // Cached expected number of octets in the current sequence
38
39	$len = strlen($str);
40
41	for($i = 0; $i < $len; $i++)
42	{
43	$in = ord($str{$i});
44
45	if ( $mState == 0)
46	{
47	// When mState is zero we expect either a US-ASCII character or a multi-octet sequence.
48	if (0 == (0x80 & ($in)))
49	{
50	$mBytes = 1; // US-ASCII, pass straight through
51	}
52	else if (0xC0 == (0xE0 & ($in)))
53	{
54	// First octet of 2 octet sequence
55	$mUcs4 = ($in);
56	$mUcs4 = ($mUcs4 & 0x1F) << 6;
57	$mState = 1;
58	$mBytes = 2;
59	}
60	else if (0xE0 == (0xF0 & ($in)))
61	{
62	// First octet of 3 octet sequence
63	$mUcs4 = ($in);
64	$mUcs4 = ($mUcs4 & 0x0F) << 12;
65	$mState = 2;
66	$mBytes = 3;
67	}
68	else if (0xF0 == (0xF8 & ($in)))
69	{
70	// First octet of 4 octet sequence
71	$mUcs4 = ($in);
72	$mUcs4 = ($mUcs4 & 0x07) << 18;
73	$mState = 3;
74	$mBytes = 4;
75	}
76	else if (0xF8 == (0xFC & ($in)))
77	{
78	/* First octet of 5 octet sequence.
79	*
80	* This is illegal because the encoded codepoint must be either
81	* (a) not the shortest form or
82	* (b) outside the Unicode range of 0-0x10FFFF.
83	* Rather than trying to resynchronize, we will carry on until the end
84	* of the sequence and let the later error handling code catch it.
85	*/
86	$mUcs4 = ($in);
87	$mUcs4 = ($mUcs4 & 0x03) << 24;
88	$mState = 4;
89	$mBytes = 5;
90	}
91	else if (0xFC == (0xFE & ($in)))
92	{
93	// First octet of 6 octet sequence, see comments for 5 octet sequence.
94	$mUcs4 = ($in);
95	$mUcs4 = ($mUcs4 & 1) << 30;
96	$mState = 5;
97	$mBytes = 6;
98	}
99	else
100	{
101	// Current octet is neither in the US-ASCII range nor a legal first octet of a multi-octet sequence.
102	return false;
103	}
104	}
105	else
106	{
107	// When mState is non-zero, we expect a continuation of the multi-octet sequence
108	if (0x80 == (0xC0 & ($in)))
109	{
110	// Legal continuation.
111	$shift = ($mState - 1) * 6;
112	$tmp = $in;
113	$tmp = ($tmp & 0x0000003F) << $shift;
114	$mUcs4 \|= $tmp;
115
116	/**
117	* End of the multi-octet sequence. mUcs4 now contains the final
118	* Unicode codepoint to be output
119	*/
120	if (0 == --$mState)
121	{
122	/*
123	* Check for illegal sequences and codepoints.
124	*/
125	// From Unicode 3.1, non-shortest form is illegal
126	if (((2 == $mBytes) && ($mUcs4 < 0x0080)) \|\| ((3 == $mBytes) && ($mUcs4 < 0x0800)) \|\|
127	((4 == $mBytes) && ($mUcs4 < 0x10000)) \|\| (4 < $mBytes) \|\|
128	// From Unicode 3.2, surrogate characters are illegal
129	(($mUcs4 & 0xFFFFF800) == 0xD800) \|\|
130	// Codepoints outside the Unicode range are illegal
131	($mUcs4 > 0x10FFFF))
132	{
133	return FALSE;
134	}
135
136	// Initialize UTF8 cache
137	$mState = 0;
138	$mUcs4 = 0;
139	$mBytes = 1;
140	}
141	}
142	else
143	{
144	/**
145	((0xC0 & (in) != 0x80) && (mState != 0))
146	* Incomplete multi-octet sequence.
147	*/
148
149	return false;
150	}
151	}
152	}
153
154	return true;
155	}
156
157	/**
158	* Tests whether a string complies as UTF-8. This will be much
159	* faster than utf8_is_valid, but will pass five and six octet
160	* UTF-8 sequences, which are not supported by Unicode and
161	* so cannot be displayed correctly in a browser. In other words
162	* it is not as strict as utf8_is_valid but it's faster. If you use
163	* is to validate user input, you place yourself at the risk that
164	* attackers will be able to inject 5 and 6 byte sequences (which
165	* may or may not be a significant risk, depending on what you are
166	* are doing)
167	* Note: Does not pass five and six octet UTF-8 sequences anymore in
168	* in the unit tests.
169	* @see utf8_is_valid
170	* @see http://www.php.net/manual/en/reference.pcre.pattern.modifiers.php#54805
171	* @param string UTF-8 string to check
172	* @return boolean TRUE if string is valid UTF-8
173	* @package utf8
174	* @subpackage validation
175	*/
176	function utf8_compliant($str)
177	{
178	if (strlen($str) == 0)
179	return true;
180
181	// If even just the first character can be matched, when the /u
182	// modifier is used, then it's valid UTF-8. If the UTF-8 is somehow
183	// invalid, nothing at all will match, even if the string contains
184	// some valid sequences
185	return (preg_match('/^.{1}/us', $str, $ar) == 1);
186	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: