[Plugin: Cimy User Extra Fields][Bug?][Patch incl]Case sensitive versus regex

Resolved Juliette Reinders Folmer
(@jrf)

14 years, 8 months ago
Hi Marco,

I’ve run into another little issue. This one I think can be solved quickly and easily.

When an admin adds regex validation to a cimy field and does not check the ‘case-sensitive’ option, the regex is still run as if it was case-sensitive.

For example:
Say you have a regex /^[a-z0-9_]{1,16}$/ (Twitter username validation) and you have not checked the “Case sensitive” checkbox.
If a user enters ‘MyUsername’, the validation will reject it.

I know I can change the regex to be case-insensitive (which I have for now), but I would find it more intuitive for the case-sensitive option to be respected – even when using a regex -.

The patch would be quite simple. The only place in the code where I found a preg_match is in cimy_uef_register.php.

Original code line 450-455:
```
if ($rules['equal_to_regex']) {
	if (!preg_match($equalTo, $value)) {
		$equalmsg = " ".__("isn’t correct", $cimy_uef_domain);
		$errors->add($unique_id, '<strong>'.__("ERROR", $cimy_uef_domain).'</strong>: '.$label.$equalmsg.'.');
	}
}
```
If you change those lines to the following, I believe it will be patched (one extra line after the first if):
```
if ($rules['equal_to_regex']) {
	$equalTo = ( ( !$rules['equal_to_case_sensitive'] ) ? $equalTo . 'iu' : $equalTo . 'u' );
	if (!preg_match($equalTo, $value)) {
		$equalmsg = " ".__("isn’t correct", $cimy_uef_domain);
		$errors->add($unique_id, '<strong>'.__("ERROR", $cimy_uef_domain).'</strong>: '.$label.$equalmsg.'.');
	}
}
```
I also added the -u modifier at the end so that preg_match() will deal with utf-8 strings in the pattern correctly.
Ref: PHP Manual PRCE pattern modifiers.

I hope this helps!

Keep up the good work 😉

Smile,
Juliette

http://wordpress.org/extend/plugins/cimy-user-extra-fields/

Viewing 9 replies - 1 through 9 (of 9 total)

Plugin Author Marco Cimmino
(@cimmo)

14 years, 8 months ago

EDIT:
I don’t get it why you need this change, doesn’t work right now as you wish?

Thread Starter Juliette Reinders Folmer
(@jrf)

14 years, 8 months ago

Hi Marco,

No, it doesn’t.

Example 1:
Settings:
Should be equal to: “/^[a-z0-9_]{1,16}$/”
Case sensitive: not checked
Regex: checked
——-
Input: MyUsername
Result: invalid entry (because of the capitals)

With the patch snippet I gave you, the input would be regarded as valid as the regex is turned to a case-insensitive regex.

The snippet you referred to before you edited your comment should still stay in to be able to check for things like checked checkboxes. It only turns the string to be checked and the equalto value to uppercase when the equalto value is not a regex.

I hope this helps 😉

Smile,
Juliette

Plugin Author Marco Cimmino
(@cimmo)

14 years, 8 months ago

Hmm, no, I think that code I posted should work but it doesn’t, so the IF is somehow wrong.

Now I even commented it, but I cannot understand why it doesn’t work properly.

Plugin Author Marco Cimmino
(@cimmo)

14 years, 8 months ago

Actually I think I never added support for regex case insensitive… you are right indeed.
Altough your patch is not good, what happens if someone already adds ‘/i’ or ‘/iu’?
Thread Starter Juliette Reinders Folmer
(@jrf)

14 years, 8 months ago
Hmm… how can I help ?

Do you mean this if statement ? If so, it seems to do what you documented it to do, i.e. only change the strings to uppercase if not they should be case-insensitive and not regex.
```
// 	if the type is not allowed to be case sensitive
// 	OR if case sensitive is not checked
// AND
// 	if the type is not allowed to be a regex
// 	OR if regex rule is not set
// THEN switch to uppercase
if (((!in_array($type, $rule_equalto_case_sensitive)) || (!$rules['equal_to_case_sensitive'])) && ((!in_array($type, $rule_equalto_regex)) || (!$rules['equal_to_regex']))) {
```
You could take those lines out, but then I suggest something along the following lines:
* change line 450 to:
if (in_array($type, $rule_equalto_regex) && $rules['equal_to_regex']) {
* add my one-liner on the next line:
$equalTo = ( ( !$rules['equal_to_case_sensitive'] ) ? $equalTo . 'iu' : $equalTo . 'u' );

* change line 456:
else if ($value != $equalTo) {
to:
```
else if (
( ( !in_array($type, $rule_equalto_case_sensitive) ||
!$rules['equal_to_case_sensitive'] ) && strcasecmp( $value, $equalTo ) !== 0 ) ||
( ( in_array($type, $rule_equalto_case_sensitive) ||
$rules['equal_to_case_sensitive'] ) && strcmp( $value, $equalTo ) !== 0 ) ) {
```
That should work with utf-8 strings as the strcmp() functions are supposed to be binary-safe.
Alternatively you could look at the mb_string functions for converting to lower/uppercase.

Hope this helps 😉
Juliette
Thread Starter Juliette Reinders Folmer
(@jrf)

14 years, 8 months ago

*grin* you replied while I was still composing my reply… nice 😉

Altough your patch is not good, what happens if someone already adds ‘/i’ or ‘/iu’?

AFAIK that shouldn’t give any problems. If preg receives a regex such as:
/^[a-z0-9_]{1,16}$/iiu
as far as I know, it will just ignore the doubling of the i, though I’ll test it for you and if I get inconclusive results I can always ask one the PHP core developers 😉

Give me a minute and I’ll get back to you on that.

Thread Starter Juliette Reinders Folmer
(@jrf)

14 years, 8 months ago

Ok, my tests confirm what I said before: having a double or even triple regex modifier, does not effect the result. Preg will respect the modifier anyhow.

I haven’t tested with conflicting modifiers, but -i and -u don’t have conflicting modifiers available, so that shouldn’t be an issue here anyhow.

Plugin Author Marco Cimmino
(@cimmo)

14 years, 8 months ago

Ok you convinced me and I committed the first patch. Fix will be available for v2.2.0

thanks

Thread Starter Juliette Reinders Folmer
(@jrf)

14 years, 8 months ago

Excellent! Thank you 😉

Viewing 9 replies - 1 through 9 (of 9 total)

The topic ‘[Plugin: Cimy User Extra Fields][Bug?][Patch incl]Case sensitive versus regex’ is closed to new replies.