diff options
Diffstat (limited to 'lib/private/Accounts/AccountManager.php')
-rw-r--r-- | lib/private/Accounts/AccountManager.php | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/lib/private/Accounts/AccountManager.php b/lib/private/Accounts/AccountManager.php index ea8f99e0216..eff025e511e 100644 --- a/lib/private/Accounts/AccountManager.php +++ b/lib/private/Accounts/AccountManager.php @@ -121,6 +121,25 @@ class AccountManager implements IAccountManager { } /** + * + * @param string $input + * @return string + * @throws \InvalidArgumentException When the website did not have http(s) as protocol or the host name was empty + */ + protected function parseWebsite(string $input): string { + $parts = parse_url($input); + if (!isset($parts['scheme']) || ($parts['scheme'] !== 'https' && $parts['scheme'] !== 'http')) { + throw new \InvalidArgumentException(self::PROPERTY_WEBSITE); + } + + if (!isset($parts['host']) || $parts['host'] === '') { + throw new \InvalidArgumentException(self::PROPERTY_WEBSITE); + } + + return $input; + } + + /** * update user record * * @param IUser $user @@ -155,6 +174,17 @@ class AccountManager implements IAccountManager { } } + if (isset($data[self::PROPERTY_WEBSITE]) && $data[self::PROPERTY_WEBSITE]['value'] !== '') { + try { + $data[self::PROPERTY_WEBSITE]['value'] = $this->parseWebsite($data[self::PROPERTY_WEBSITE]['value']); + } catch (\InvalidArgumentException $e) { + if ($throwOnData) { + throw $e; + } + $data[self::PROPERTY_WEBSITE]['value'] = ''; + } + } + $allowedScopes = [ self::SCOPE_PRIVATE, self::SCOPE_LOCAL, |