3v4l.org

run code in 200+ php & hhvm versions
Bugs & Features
<?php function is_valid_time_domain( $url ) { $whitelisted_domains = array( 'mydomain.com', 'mydomain.net' ); $domain = parse_url( $url, PHP_URL_HOST ); // Check if we match the domain exactly if ( in_array( $domain, $whitelisted_domains ) ) { return true; } foreach( $whitelisted_domains as $whitelisted_domain ) { $whitelisted_domain = '.' . $whitelisted_domain; // Prevent things like 'evilsitetime.com' if( strpos( $domain, $whitelisted_domain ) === ( strlen( $domain ) - strlen( $whitelisted_domain ) ) ) { return true; break; } } return false; } $domains = array( /*'http://mydomain.com', 'http://www.mydomain.com', 'http://mydomain.com.evilsite.com', 'http://mydomain.com.mydomain.net', 'http://evilsitemydomain.com', 'http://mydomain.com.evil%45site.com', 'http://evil%45sitemydomain.com', 'http://evil%00sitemydomain.com', 'http://mydomain.com.evil%00site.com','http://evilsite.com/.mydomain.com', 'http://mydomain.com%00.evilsite.com', 'http://evilsite.com#.mydomain.com', 'http://evilsite.com@mydomain.com', 'http://mydomain.com@evilsite.com', 'http://evilsite.com@#mydomain.com', 'http://evilsite.com:mydomain.com', 'file://stuff@myfile:mydomain.com', 'file:///dev@mydomain.com', 'file:///dev?@mydomain.com', 'file:///dev?mydomain.com', 'http:mydomain.com', 'http:evilsite.com//mydomain.com', 'http:mydomain.com//evilsite.com', 'http:mydomain.com', 'http://[2010:836B:4179::836B:4179].mydomain.com', 'http://evilsite.com+mydomain.com', 'http://mydomain.com+evilsite.com', 'http://%6Dydomain.com', 'http://evilsite$mydomain.com', 'http://evilsite;mydomain.com', 'http://%1B.mydomain.com/', 'http://%1Bmydomain.com/', 'http://mydom ain.com', 'http://my domain.com', 'http://mydomain.com.eu', 'http://"mydomain.com', 'http://".mydomain.com', 'http://%22.mydomain.com',*/ 'http://£.mydomain.com', 'http://example.com£mydomain.com', 'http://example.com£%2Emydomain.com', 'http://%00.mydomain.com', 'http://%00mydomain.com', 'data://text%2Fhtml%2C%3Ch1%3EHello%2C%20World!%3C%2Fh1%3E.mydomain.com', 'feed://http://mydomain.com'); foreach( $domains as $domain ) { echo $domain . "\n"; var_dump( is_valid_time_domain( $domain ) ); }
based on Xn9ER
Output for 5.1.2 - 7.2.0
http://£.mydomain.com bool(true) http://example.com£mydomain.com bool(false) http://example.com£%2Emydomain.com bool(false) http://%00.mydomain.com bool(true) http://%00mydomain.com bool(false) data://text%2Fhtml%2C%3Ch1%3EHello%2C%20World!%3C%2Fh1%3E.mydomain.com bool(true) feed://http://mydomain.com bool(false)
Output for 4.3.0 - 5.1.1
http://£.mydomain.com Notice: Use of undefined constant PHP_URL_HOST - assumed 'PHP_URL_HOST' in /in/sfPUW on line 4 Warning: parse_url() expects exactly 1 parameter, 2 given in /in/sfPUW on line 4 bool(false) http://example.com£mydomain.com Notice: Use of undefined constant PHP_URL_HOST - assumed 'PHP_URL_HOST' in /in/sfPUW on line 4 Warning: parse_url() expects exactly 1 parameter, 2 given in /in/sfPUW on line 4 bool(false) http://example.com£%2Emydomain.com Notice: Use of undefined constant PHP_URL_HOST - assumed 'PHP_URL_HOST' in /in/sfPUW on line 4 Warning: parse_url() expects exactly 1 parameter, 2 given in /in/sfPUW on line 4 bool(false) http://%00.mydomain.com Notice: Use of undefined constant PHP_URL_HOST - assumed 'PHP_URL_HOST' in /in/sfPUW on line 4 Warning: parse_url() expects exactly 1 parameter, 2 given in /in/sfPUW on line 4 bool(false) http://%00mydomain.com Notice: Use of undefined constant PHP_URL_HOST - assumed 'PHP_URL_HOST' in /in/sfPUW on line 4 Warning: parse_url() expects exactly 1 parameter, 2 given in /in/sfPUW on line 4 bool(false) data://text%2Fhtml%2C%3Ch1%3EHello%2C%20World!%3C%2Fh1%3E.mydomain.com Notice: Use of undefined constant PHP_URL_HOST - assumed 'PHP_URL_HOST' in /in/sfPUW on line 4 Warning: parse_url() expects exactly 1 parameter, 2 given in /in/sfPUW on line 4 bool(false) feed://http://mydomain.com Notice: Use of undefined constant PHP_URL_HOST - assumed 'PHP_URL_HOST' in /in/sfPUW on line 4 Warning: parse_url() expects exactly 1 parameter, 2 given in /in/sfPUW on line 4 bool(false)