regex types in API

Core/API/DatabaseAPI.class.php

@@ -11,6 +11,7 @@ namespace Core\API {
 namespace Core\API\Database {
 
   use Core\API\DatabaseAPI;
+  use Core\API\Parameter\RegexType;
   use Core\API\Parameter\StringType;
   use Core\Driver\SQL\Query\Insert;
   use Core\Objects\Context;
@@ -40,16 +41,12 @@ namespace Core\API\Database {
   class Migrate extends DatabaseAPI {
     public function __construct(Context $context, bool $externalCall = false) {
       parent::__construct($context, $externalCall, [
-        "className" => new StringType("className", 256)
+        "className" => new RegexType("className", "[a-zA-Z][a-zA-Z0-9]{0,256}")
       ]);
     }
 
     protected function _execute(): bool {
       $className = $this->getParam("className");
-      if (!preg_match("/[a-zA-Z0-9]+/", $className)) {
-        return $this->createError("Invalid class name");
-      }
-
       $class = null;
       foreach (["Site", "Core"] as $baseDir) {
         $classPath = "\\$baseDir\\Objects\\DatabaseEntity\\$className";

Core/API/GroupsAPI.class.php

@@ -55,6 +55,7 @@ namespace Core\API\Groups {
 
   use Core\API\GroupsAPI;
   use Core\API\Parameter\Parameter;
+  use Core\API\Parameter\RegexType;
   use Core\API\Parameter\StringType;
   use Core\API\Traits\Pagination;
   use Core\Driver\SQL\Column\Column;
@@ -181,22 +182,14 @@ namespace Core\API\Groups {
   class Create extends GroupsAPI {
     public function __construct(Context $context, $externalCall = false) {
       parent::__construct($context, $externalCall, [
-        'name' => new StringType('name', 32),
-        'color' => new StringType('color', 10),
+        'name' => new RegexType('name', "[a-zA-Z][a-zA-Z0-9_-]{0,31}"),
+        'color' => new RegexType('color', "#[a-fA-F0-9]{3,6}"),
       ]);
     }
 
     public function _execute(): bool {
       $name = $this->getParam("name");
-      if (preg_match("/^[a-zA-Z][a-zA-Z0-9_-]*$/", $name) !== 1) {
-        return $this->createError("Invalid name");
-      }
-
       $color = $this->getParam("color");
-      if (preg_match("/^#[a-fA-F0-9]{3,6}$/", $color) !== 1) {
-        return $this->createError("Invalid color");
-      }
-
       $exists = $this->groupExists($name);
       if (!$this->success) {
         return false;
@@ -226,8 +219,8 @@ namespace Core\API\Groups {
     public function __construct(Context $context, $externalCall = false) {
       parent::__construct($context, $externalCall, [
         "id" => new Parameter("id", Parameter::TYPE_INT),
-        'name' => new StringType('name', 32),
-        'color' => new StringType('color', 10),
+        "name" => new RegexType("name", "[a-zA-Z][a-zA-Z0-9_-]{0,31}"),
+        "color" => new RegexType("color", "#[a-fA-F0-9]{3,6}"),
       ]);
     }
 
@@ -235,14 +228,7 @@ namespace Core\API\Groups {
       $sql = $this->context->getSQL();
       $groupId = $this->getParam("id");
       $name = $this->getParam("name");
-      if (preg_match("/^[a-zA-Z][a-zA-Z0-9_-]*$/", $name) !== 1) {
-        return $this->createError("Invalid name");
-      }
-
       $color = $this->getParam("color");
-      if (preg_match("/^#[a-fA-F0-9]{3,6}$/", $color) !== 1) {
-        return $this->createError("Invalid color");
-      }
 
       $group = $this->getGroup($groupId);
       if ($group === false) {

Core/API/LanguageAPI.class.php

@@ -16,6 +16,7 @@ namespace Core\API\Language {
   use Core\API\LanguageAPI;
   use Core\API\Parameter\ArrayType;
   use Core\API\Parameter\Parameter;
+  use Core\API\Parameter\RegexType;
   use Core\API\Parameter\StringType;
   use Core\Driver\SQL\Condition\Compare;
   use Core\Driver\SQL\Condition\CondOr;
@@ -113,7 +114,7 @@ namespace Core\API\Language {
   class GetEntries extends LanguageAPI {
     public function __construct(Context $context, bool $externalCall = false) {
       parent::__construct($context, $externalCall, [
-        "code" => new StringType("code", 5, true, NULL),
+        "code" => new RegexType("code", Language::LANG_CODE_PATTERN, true, NULL),
         "modules" => new ArrayType("modules", Parameter::TYPE_STRING, true, false),
         "compression" => new StringType("compression", -1, true, NULL, ["gzip", "zlib"])
       ]);
@@ -127,10 +128,6 @@ namespace Core\API\Language {
         $code = $this->context->getLanguage()->getCode();
       }
 
-      if (!preg_match(Language::LANG_CODE_PATTERN, $code)) {
-        return $this->createError("Invalid lang code format: $code");
-      }
-
       $entries = [];
       $modulePaths = [];
       $requestedModules = $this->getParam("modules");

Core/API/SettingsAPI.class.php

@@ -2,10 +2,10 @@
 
 namespace Core\API {
 
+  use Core\API\Parameter\IntegerType;
   use Core\Objects\Context;
   use Core\API\Parameter\ArrayType;
   use Core\API\Parameter\Parameter;
-  use Core\API\Parameter\StringType;
 
   abstract class SettingsAPI extends Request {
 
@@ -18,11 +18,11 @@ namespace Core\API {
       // API parameters should be more configurable, e.g. allow regexes, min/max values for numbers, etc.
       $this->predefinedKeys = [
         "allowed_extensions" => new ArrayType("allowed_extensions", Parameter::TYPE_STRING),
-        "trusted_domains" => new ArrayType("allowed_extensions", Parameter::TYPE_STRING),
+        "trusted_domains" => new ArrayType("trusted_domains", Parameter::TYPE_STRING),
         "user_registration_enabled" => new Parameter("user_registration_enabled", Parameter::TYPE_BOOLEAN),
         "recaptcha_enabled" => new Parameter("recaptcha_enabled", Parameter::TYPE_BOOLEAN),
         "mail_enabled" => new Parameter("mail_enabled", Parameter::TYPE_BOOLEAN),
-        "mail_port" => new Parameter("mail_port", Parameter::TYPE_INT)
+        "mail_port" => new IntegerType("mail_port", 1, 65535)
       ];
     }
   }
@@ -32,6 +32,7 @@ namespace Core\API\Settings {
 
   use Core\API\Parameter\ArrayType;
   use Core\API\Parameter\Parameter;
+  use Core\API\Parameter\RegexType;
   use Core\API\Parameter\StringType;
   use Core\API\SettingsAPI;
   use Core\Configuration\Settings;
@@ -83,7 +84,7 @@ namespace Core\API\Settings {
         return $this->createError("No values given.");
       }
 
-      $paramKey = new StringType('key', 32);
+      $paramKey = new RegexType('key', "[a-zA-Z_][a-zA-Z_0-9-]*");
       $paramValueDefault = new StringType('value', 1024, true, NULL);
 
       $sql = $this->context->getSQL();
@@ -100,8 +101,6 @@ namespace Core\API\Settings {
         } else if (!is_null($value) && !$paramValue->parseParam($value)) {
           $value = print_r($value, true);
           return $this->createError("Invalid Type for value in parameter settings for key '$key': '$value' (Required: " . $paramValue->getTypeName() . ")");
-        } else if(preg_match("/^[a-zA-Z_][a-zA-Z_0-9-]*$/", $paramKey->value) !== 1) {
-          return $this->createError("The property key should only contain alphanumeric characters, underscores and dashes");
         } else {
           if (!is_null($paramValue->value)) {
             $query->addRow($paramKey->value, json_encode($paramValue->value));