Added: not_contains matching type.

dave83649 · dave83649 · commit d760a31ee454 · 2023-06-22T16:30:58.000+02:00
diff --git a/src/Processor.php b/src/Processor.php
@@ -345,6 +345,11 @@ public function matchParameterValue($match, $value)
             return @stripos($value, $matchValue) !== false;
         }
 
+        // If a scalar does not contain a value.
+        if ($matchType == 'not_contains' && is_scalar($value)) {
+            return @stripos($value, $matchValue) === false;
+        }
+
         // If a string matches a regular expression.
         if ($matchType == 'regex' && is_string($matchValue) && is_scalar($value)) {
             return @preg_match($matchValue, @urldecode($value)) === 1;
diff --git a/tests/FirewallTest.php b/tests/FirewallTest.php
@@ -264,7 +264,7 @@ public function testRules()
         );
         $this->assertFalse($this->processor->launch(false));
         $this->alterPayload();
-//post.user.role.type*
+
         // Determine if a POST parameter (using wildcard) contains a certain character.
         $this->setUpFirewallProcessor([$this->rules[18]]);
         $this->alterPayload(
@@ -297,5 +297,24 @@ public function testRules()
         );
         $this->assertFalse($this->processor->launch(false));
         $this->alterPayload();
+
+        // Determine if a POST parameter does not contain a substring.
+        $this->setUpFirewallProcessor([$this->rules[19]]);
+        $this->alterPayload(
+            ['POST' => [
+            'what' => 'myteststring'
+            ]]
+        );
+        $this->assertTrue($this->processor->launch(false));
+        $this->alterPayload();
+
+        $this->setUpFirewallProcessor([$this->rules[19]]);
+        $this->alterPayload(
+            ['POST' => [
+            'what' => 'myvalidstring'
+            ]]
+        );
+        $this->assertFalse($this->processor->launch(false));
+        $this->alterPayload();
     }
 }
diff --git a/tests/data/Rules.json b/tests/data/Rules.json
@@ -150,5 +150,13 @@
         "cat":"TEST",
         "type":"BLOCK",
         "type_params":null
+    },
+    {
+        "id":20,
+        "title":"Determine if a POST parameter does not contain a substring.",
+        "rules":[{"parameter":"post.what","match":{"type":"not_contains","value":"test"}}],
+        "cat":"TEST",
+        "type":"BLOCK",
+        "type_params":null
     }
 ]

Original file line number	Diff line number	Diff line change
`@@ -150,5 +150,13 @@`
`150`	`150`	`"cat":"TEST",`
`151`	`151`	`"type":"BLOCK",`
`152`	`152`	`"type_params":null`
	`153`	`+ },`
	`154`	`+ {`
	`155`	`+ "id":20,`
	`156`	`+ "title":"Determine if a POST parameter does not contain a substring.",`
	`157`	`+ "rules":[{"parameter":"post.what","match":{"type":"not_contains","value":"test"}}],`
	`158`	`+ "cat":"TEST",`
	`159`	`+ "type":"BLOCK",`
	`160`	`+ "type_params":null`
`153`	`161`	`}`
`154`	`162`	`]`