From 71b4226dc721bc0f23cc594760329f29e51defac Mon Sep 17 00:00:00 2001
From: Alexis Degrugillier <aledeg@users.noreply.github.com>
Date: Tue, 19 Mar 2019 20:27:06 +0100
Subject: [PATCH] Add an option validation on cli commands (#2278)

If an option used on cli is not recognized, the command
aborts and displays an error message.
If the typed option is similar to one of the recognized
options, a hint is displayed.

At the moment, there is a limitation on long options.
Short options are not validated at the moment.

See #2046
---
 cli/_cli.php                   | 25 +++++++++++++++++++++++++
 cli/_update-or-create-user.php |  2 +-
 cli/actualize-user.php         | 10 ++++++----
 cli/db-optimize.php            | 10 ++++++----
 cli/delete-user.php            | 10 ++++++----
 cli/do-install.php             |  6 +++---
 cli/export-opml-for-user.php   | 10 ++++++----
 cli/export-zip-for-user.php    | 12 +++++++-----
 cli/import-for-user.php        | 12 +++++++-----
 cli/reconfigure.php            |  8 ++++++++
 10 files changed, 75 insertions(+), 30 deletions(-)

diff --git a/cli/_cli.php b/cli/_cli.php
index e8fb6ae42..dec244bc3 100644
--- a/cli/_cli.php
+++ b/cli/_cli.php
@@ -3,6 +3,9 @@ if (php_sapi_name() !== 'cli') {
 	die('FreshRSS error: This PHP script may only be invoked from command line!');
 }
 
+const REGEX_INPUT_OPTIONS = '/^--/';
+const REGEX_PARAM_OPTIONS = '/:*$/';
+
 require(__DIR__ . '/../constants.php');
 require(LIB_PATH . '/lib_rss.php');	//Includes class autoloader
 require(LIB_PATH . '/lib_install.php');
@@ -64,3 +67,25 @@ function performRequirementCheck($databaseType) {
 		fail($message);
 	}
 }
+
+function getLongOptions($options, $regex) {
+	$longOptions = array_filter($options, function($a) use ($regex) {
+		return preg_match($regex, $a);
+	});
+	return array_map(function($a) use ($regex) {
+		return preg_replace($regex, '', $a);
+	}, $longOptions);
+}
+
+function validateOptions($input, $params) {
+	$sanitizeInput = getLongOptions($input, REGEX_INPUT_OPTIONS);
+	$sanitizeParams = getLongOptions($params, REGEX_PARAM_OPTIONS);
+	$unknownOptions = array_diff($sanitizeInput, $sanitizeParams);
+
+	if (0 === count($unknownOptions)) {
+		return true;
+	}
+
+	fwrite(STDERR, sprintf("FreshRSS error: unknown options: %s\n", implode (', ', $unknownOptions)));
+	return false;
+}
diff --git a/cli/_update-or-create-user.php b/cli/_update-or-create-user.php
index a5960b58a..eda597f19 100644
--- a/cli/_update-or-create-user.php
+++ b/cli/_update-or-create-user.php
@@ -22,7 +22,7 @@ if (!$isUpdate) {
 
 $options = getopt('', $params);
 
-if (empty($options['user'])) {
+if (!validateOptions($argv, $params) || empty($options['user'])) {
 	fail('Usage: ' . basename($_SERVER['SCRIPT_FILENAME']) .
 		" --user username ( --password 'password' --api_password 'api_password'" .
 		" --language en --email user@example.net --token 'longRandomString'" .
diff --git a/cli/actualize-user.php b/cli/actualize-user.php
index dd07fc142..08e17de98 100755
--- a/cli/actualize-user.php
+++ b/cli/actualize-user.php
@@ -2,11 +2,13 @@
 <?php
 require(__DIR__ . '/_cli.php');
 
-$options = getopt('', array(
-		'user:',
-	));
+$params = array(
+	'user:',
+);
 
-if (empty($options['user'])) {
+$options = getopt('', $params);
+
+if (!validateOptions($argv, $params) || empty($options['user'])) {
 	fail('Usage: ' . basename(__FILE__) . " --user username");
 }
 
diff --git a/cli/db-optimize.php b/cli/db-optimize.php
index 39dc97638..bd0623a48 100755
--- a/cli/db-optimize.php
+++ b/cli/db-optimize.php
@@ -2,11 +2,13 @@
 <?php
 require(__DIR__ . '/_cli.php');
 
-$options = getopt('', array(
-		'user:',
-	));
+$params = array(
+	'user:',
+);
 
-if (empty($options['user'])) {
+$options = getopt('', $params);
+
+if (!validateOptions($argv, $params) || empty($options['user'])) {
 	fail('Usage: ' . basename(__FILE__) . " --user username");
 }
 
diff --git a/cli/delete-user.php b/cli/delete-user.php
index 30cc31754..ab02dfdbf 100755
--- a/cli/delete-user.php
+++ b/cli/delete-user.php
@@ -2,11 +2,13 @@
 <?php
 require(__DIR__ . '/_cli.php');
 
-$options = getopt('', array(
-		'user:',
-	));
+$params = array(
+	'user:',
+);
 
-if (empty($options['user'])) {
+$options = getopt('', $params);
+
+if (!validateOptions($argv, $params) || empty($options['user'])) {
 	fail('Usage: ' . basename(__FILE__) . " --user username");
 }
 $username = $options['user'];
diff --git a/cli/do-install.php b/cli/do-install.php
index 7435ab9f1..fd5aa4a3c 100755
--- a/cli/do-install.php
+++ b/cli/do-install.php
@@ -31,10 +31,10 @@ $dBparams = array(
 
 $options = getopt('', array_merge($params, $dBparams));
 
-if (empty($options['default_user'])) {
+if (!validateOptions($argv, array_merge($params, $dBparams)) || empty($options['default_user'])) {
 	fail('Usage: ' . basename(__FILE__) . " --default_user admin ( --auth_type form" .
-		" --environment production --base_url https://rss.example.net" .
-		" --language en --title FreshRSS --allow_anonymous --api_enabled" .
+		" --environment production --base_url https://rss.example.net --allow_robots" .
+		" --language en --title FreshRSS --allow_anonymous --allow_anonymous_refresh --api_enabled" .
 		" --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123" .
 		" --db-base freshrss --db-prefix freshrss_ --disable_update )");
 }
diff --git a/cli/export-opml-for-user.php b/cli/export-opml-for-user.php
index 076cffe74..8e7ed08f7 100755
--- a/cli/export-opml-for-user.php
+++ b/cli/export-opml-for-user.php
@@ -2,11 +2,13 @@
 <?php
 require(__DIR__ . '/_cli.php');
 
-$options = getopt('', array(
-		'user:',
-	));
+$params = array(
+	'user:',
+);
 
-if (empty($options['user'])) {
+$options = getopt('', $params);
+
+if (!validateOptions($argv, $params) || empty($options['user'])) {
 	fail('Usage: ' . basename(__FILE__) . " --user username > /path/to/file.opml.xml");
 }
 
diff --git a/cli/export-zip-for-user.php b/cli/export-zip-for-user.php
index 86113d9fa..b89a55104 100755
--- a/cli/export-zip-for-user.php
+++ b/cli/export-zip-for-user.php
@@ -2,12 +2,14 @@
 <?php
 require(__DIR__ . '/_cli.php');
 
-$options = getopt('', array(
-		'user:',
-		'max-feed-entries:',
-	));
+$params = array(
+	'user:',
+	'max-feed-entries:',
+);
 
-if (empty($options['user'])) {
+$options = getopt('', $params);
+
+if (!validateOptions($argv, $params) || empty($options['user'])) {
 	fail('Usage: ' . basename(__FILE__) . " --user username ( --max-feed-entries 100 ) > /path/to/file.zip");
 }
 
diff --git a/cli/import-for-user.php b/cli/import-for-user.php
index 95ff18c8c..7c66fbef2 100755
--- a/cli/import-for-user.php
+++ b/cli/import-for-user.php
@@ -2,12 +2,14 @@
 <?php
 require(__DIR__ . '/_cli.php');
 
-$options = getopt('', array(
-		'user:',
-		'filename:',
-	));
+$params = array(
+	'user:',
+	'filename:',
+);
 
-if (empty($options['user']) || empty($options['filename'])) {
+$options = getopt('', $params);
+
+if (!validateOptions($argv, $params) || empty($options['user']) || empty($options['filename'])) {
 	fail('Usage: ' . basename(__FILE__) . " --user username --filename /path/to/file.ext");
 }
 
diff --git a/cli/reconfigure.php b/cli/reconfigure.php
index cfe713fa8..84073b70e 100755
--- a/cli/reconfigure.php
+++ b/cli/reconfigure.php
@@ -27,6 +27,14 @@ $dBparams = array(
 
 $options = getopt('', array_merge($params, $dBparams));
 
+if (!validateOptions($argv, array_merge($params, $dBparams))) {
+	fail('Usage: ' . basename(__FILE__) . " --default_user admin ( --auth_type form" .
+		" --environment production --base_url https://rss.example.net --allow_robots" .
+		" --language en --title FreshRSS --allow_anonymous --allow_anonymous_refresh --api_enabled" .
+		" --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123" .
+		" --db-base freshrss --db-prefix freshrss_ --disable_update )");
+}
+
 fwrite(STDERR, 'Reconfiguring FreshRSS…' . "\n");
 
 $config = Minz_Configuration::get('system');