class NoSuspiciousCharacters

Validates that the given string does not contain characters used in spoofing security attacks.

@author Mathieu Lechat <mathieu.lechat@les-tilleuls.coop>

Hierarchy

class \Symfony\Component\Validator\Constraint
- class \Symfony\Component\Validator\Constraints\NoSuspiciousCharacters extends \Symfony\Component\Validator\Constraint

Expanded class hierarchy of NoSuspiciousCharacters

File

vendor/symfony/validator/Constraints/NoSuspiciousCharacters.php, line 24

Namespace

Symfony\Component\Validator\Constraints

View source

class NoSuspiciousCharacters extends Constraint {
    public const RESTRICTION_LEVEL_ERROR = '1ece07dc-dca2-45f1-ba47-8d7dc3a12774';
    public const INVISIBLE_ERROR = '6ed60e6c-179b-4e93-8a6c-667d85c6de5e';
    public const MIXED_NUMBERS_ERROR = '9f01fc26-3bc4-44b1-a6b1-c08e2412053a';
    public const HIDDEN_OVERLAY_ERROR = '56380dc5-0476-4f04-bbaa-b68cd1c2d974';
    protected const ERROR_NAMES = [
        self::RESTRICTION_LEVEL_ERROR => 'RESTRICTION_LEVEL_ERROR',
        self::INVISIBLE_ERROR => 'INVISIBLE_ERROR',
        self::MIXED_NUMBERS_ERROR => 'MIXED_NUMBERS_ERROR',
        self::HIDDEN_OVERLAY_ERROR => 'INVALID_CASE_ERROR',
    ];
    
    /**
     * Check a string for the presence of invisible characters such as zero-width spaces,
     * or character sequences that are likely not to display such as multiple occurrences of the same non-spacing mark.
     */
    public const CHECK_INVISIBLE = 32;
    
    /**
     * Check that a string does not mix numbers from different numbering systems;
     * for example “8” (Digit Eight) and “৪” (Bengali Digit Four).
     */
    public const CHECK_MIXED_NUMBERS = 128;
    
    /**
     * Check that a string does not have a combining character following a character in which it would be hidden;
     * for example “i” (Latin Small Letter I) followed by a U+0307 (Combining Dot Above).
     */
    public const CHECK_HIDDEN_OVERLAY = 256;
    
    /** @see https://unicode.org/reports/tr39/#ascii_only */
    public const RESTRICTION_LEVEL_ASCII = 268435456;
    
    /** @see https://unicode.org/reports/tr39/#single_script */
    public const RESTRICTION_LEVEL_SINGLE_SCRIPT = 536870912;
    
    /** @see https://unicode.org/reports/tr39/#highly_restrictive */
    public const RESTRICTION_LEVEL_HIGH = 805306368;
    
    /** @see https://unicode.org/reports/tr39/#moderately_restrictive */
    public const RESTRICTION_LEVEL_MODERATE = 1073741824;
    
    /** @see https://unicode.org/reports/tr39/#minimally_restrictive */
    public const RESTRICTION_LEVEL_MINIMAL = 1342177280;
    
    /** @see https://unicode.org/reports/tr39/#unrestricted */
    public const RESTRICTION_LEVEL_NONE = 1610612736;
    public string $restrictionLevelMessage = 'This value contains characters that are not allowed by the current restriction-level.';
    public string $invisibleMessage = 'Using invisible characters is not allowed.';
    public string $mixedNumbersMessage = 'Mixing numbers from different scripts is not allowed.';
    public string $hiddenOverlayMessage = 'Using hidden overlay characters is not allowed.';
    public int $checks = self::CHECK_INVISIBLE | self::CHECK_MIXED_NUMBERS | self::CHECK_HIDDEN_OVERLAY;
    public ?int $restrictionLevel = null;
    public ?array $locales = null;
    
    /**
     * @param array<string,mixed>|null                    $options
     * @param int-mask-of<self::CHECK_*>|null             $checks           A bitmask of the checks to perform on the string (defaults to all checks)
     * @param int-mask-of<self::RESTRICTION_LEVEL_*>|null $restrictionLevel Configures the set of acceptable characters for the validated string through a specified "level" (defaults to
     *                                                                      {@see NoSuspiciousCharacters::RESTRICTION_LEVEL_MODERATE} on ICU >= 58, {@see NoSuspiciousCharacters::RESTRICTION_LEVEL_SINGLE_SCRIPT} otherwise)
     * @param string[]|null                               $locales          Restrict the string's characters to those normally used with these locales. Pass null to use the default locales configured for the NoSuspiciousCharactersValidator. (defaults to null)
     * @param string[]|null                               $groups
     */
    public function __construct(?array $options = null, ?string $restrictionLevelMessage = null, ?string $invisibleMessage = null, ?string $mixedNumbersMessage = null, ?string $hiddenOverlayMessage = null, ?int $checks = null, ?int $restrictionLevel = null, ?array $locales = null, ?array $groups = null, mixed $payload = null) {
        if (!class_exists(\Spoofchecker::class)) {
            throw new LogicException('The intl extension is required to use the NoSuspiciousCharacters constraint.');
        }
        parent::__construct($options, $groups, $payload);
        $this->restrictionLevelMessage = $restrictionLevelMessage ?? $this->restrictionLevelMessage;
        $this->invisibleMessage = $invisibleMessage ?? $this->invisibleMessage;
        $this->mixedNumbersMessage = $mixedNumbersMessage ?? $this->mixedNumbersMessage;
        $this->hiddenOverlayMessage = $hiddenOverlayMessage ?? $this->hiddenOverlayMessage;
        $this->checks = $checks ?? $this->checks;
        $this->restrictionLevel = $restrictionLevel ?? $this->restrictionLevel;
        $this->locales = $locales ?? $this->locales;
    }

}

Members

Title Sort descending	Modifiers	Object type	Summary	Overriden Title	Overrides
Constraint::$groups	public	property	The groups that the constraint belongs to.
Constraint::$payload	public	property	Domain-specific data attached to a constraint.
Constraint::addImplicitGroupName	public	function	Adds the given group if this constraint is in the Default group.		2
Constraint::CLASS_CONSTRAINT	public	constant	Marks a constraint that can be put onto classes.
Constraint::DEFAULT_GROUP	public	constant	The name of the group given to all constraints with no explicit group.
Constraint::getDefaultOption	public	function	Returns the name of the default option.		28
Constraint::getErrorName	public static	function	Returns the name of the given error code.
Constraint::getRequiredOptions	public	function	Returns the name of the required options.		22
Constraint::getTargets	public	function	Returns whether the constraint can be put onto classes, properties or both.		8
Constraint::normalizeOptions	protected	function
Constraint::PROPERTY_CONSTRAINT	public	constant	Marks a constraint that can be put onto properties.
Constraint::validatedBy	public	function	Returns the name of the class that validates this constraint.		9
Constraint::__get	public	function	Returns the value of a lazily initialized option.		2
Constraint::__isset	public	function			1
Constraint::__set	public	function	Sets the value of a lazily initialized option.		1
Constraint::__sleep	public	function	Optimizes the serialized value to minimize storage space.
NoSuspiciousCharacters::$checks	public	property
NoSuspiciousCharacters::$hiddenOverlayMessage	public	property
NoSuspiciousCharacters::$invisibleMessage	public	property
NoSuspiciousCharacters::$locales	public	property
NoSuspiciousCharacters::$mixedNumbersMessage	public	property
NoSuspiciousCharacters::$restrictionLevel	public	property
NoSuspiciousCharacters::$restrictionLevelMessage	public	property
NoSuspiciousCharacters::CHECK_HIDDEN_OVERLAY	public	constant	Check that a string does not have a combining character following a character in which it would be hidden; for example “i” (Latin Small Letter I) followed by a U+0307 (Combining Dot Above).
NoSuspiciousCharacters::CHECK_INVISIBLE	public	constant	Check a string for the presence of invisible characters such as zero-width spaces, or character sequences that are likely not to display such as multiple occurrences of the same non-spacing mark.
NoSuspiciousCharacters::CHECK_MIXED_NUMBERS	public	constant	Check that a string does not mix numbers from different numbering systems; for example “8” (Digit Eight) and “৪” (Bengali Digit Four).
NoSuspiciousCharacters::ERROR_NAMES	protected	constant	Maps error codes to the names of their constants.	Overrides Constraint::ERROR_NAMES
NoSuspiciousCharacters::HIDDEN_OVERLAY_ERROR	public	constant
NoSuspiciousCharacters::INVISIBLE_ERROR	public	constant
NoSuspiciousCharacters::MIXED_NUMBERS_ERROR	public	constant
NoSuspiciousCharacters::RESTRICTION_LEVEL_ASCII	public	constant	@see https://unicode.org/reports/tr39/#ascii_only
NoSuspiciousCharacters::RESTRICTION_LEVEL_ERROR	public	constant
NoSuspiciousCharacters::RESTRICTION_LEVEL_HIGH	public	constant	@see https://unicode.org/reports/tr39/#highly_restrictive
NoSuspiciousCharacters::RESTRICTION_LEVEL_MINIMAL	public	constant	@see https://unicode.org/reports/tr39/#minimally_restrictive
NoSuspiciousCharacters::RESTRICTION_LEVEL_MODERATE	public	constant	@see https://unicode.org/reports/tr39/#moderately_restrictive
NoSuspiciousCharacters::RESTRICTION_LEVEL_NONE	public	constant	@see https://unicode.org/reports/tr39/#unrestricted
NoSuspiciousCharacters::RESTRICTION_LEVEL_SINGLE_SCRIPT	public	constant	@see https://unicode.org/reports/tr39/#single_script
NoSuspiciousCharacters::__construct	public	function		Overrides Constraint::__construct

class NoSuspiciousCharacters

Hierarchy

See also

File

Namespace

Members