The Spoofchecker class

    (PHP 5 >= 5.4.0, PHP 7, PHP 8, PECL intl >= 2.0.0)

    Вступ

    This class is provided because Unicode contains large number of characters and incorporates the varied writing systems of the world and their incorrect usage can expose programs or systems to possible security attacks using characters similarity.

    Provided methods allow to check whether an individual string is likely an attempt at confusing the reader (spoof detection), such as "pаypаl" spelled with Cyrillic 'а' characters.

    Короткий огляд класу

    class Spoofchecker {
    /* Константи */
    public const int SINGLE_SCRIPT_CONFUSABLE;
    public const int MIXED_SCRIPT_CONFUSABLE;
    public const int WHOLE_SCRIPT_CONFUSABLE;
    public const int ANY_CASE;
    public const int SINGLE_SCRIPT;
    public const int INVISIBLE;
    public const int CHAR_LIMIT;
    public const int ASCII;
    public const int HIGHLY_RESTRICTIVE;
    public const int MODERATELY_RESTRICTIVE;
    public const int MINIMALLY_RESTRICTIVE;
    public const int UNRESTRICTIVE;
    public const int SINGLE_SCRIPT_RESTRICTIVE;
    public const int MIXED_NUMBERS;
    public const int HIDDEN_OVERLAY;
    /* Методи */
    public __construct()
    public areConfusable(string $string1, string $string2, int &$errorCode = null): bool
    public isSuspicious(string $string, int &$errorCode = null): bool
    public setAllowedLocales(string $locales): void
    public setChecks(int $checks): void
    public setRestrictionLevel(int $level): void
    }

    Журнал змін

    Версія Опис
    7.3.0 Class constants used by Spoofchecker::setRestrictionLevel() such as Spoofchecker::ASCII, Spoofchecker::HIGHLY_RESTRICTIVE, Spoofchecker::MODERATELY_RESTRICTIVE, Spoofchecker::MINIMALLY_RESTRICTIVE, Spoofchecker::UNRESTRICTIVE, Spoofchecker::SINGLE_SCRIPT_RESTRICTIVE has been added.

    Зміст

    Improve This Page

    Learn How To Improve This PageSubmit a Pull RequestReport a Bug
    add a note

    User Contributed Notes 2 notes

    up
    3
    Anonymous
    7 years ago
    From http://icu-project.org/apiref/icu4j/com/ibm/icu/text/SpoofChecker.html :
    SINGLE_SCRIPT_CONFUSABLE: indicates that the two strings are visually confusable and that they are from the same script
    MIXED_SCRIPT_CONFUSABLE: indicates that the two strings are visually confusable and that they are NOT from the same script
    WHOLE_SCRIPT_CONFUSABLE: indicates that the two strings are visually confusable and that they are NOT from the same script BUT both of them are single-script strings
    ANY_CASE: Deprecated.
    SINGLE_SCRIPT: Deprecated.
    INVISIBLE: Check an identifier for the presence of invisible characters, such as zero-width spaces, or character sequences that are likely not to display, such as multiple occurrences of the same non-spacing mark.
    CHAR_LIMIT: Check that an identifier contains only characters from a specified set of acceptable characters.

    Explanation of whole script, mixed script and single script confusables in UTS 39 section 4 : http://unicode.org/reports/tr39/#Confusable_Detection

    Details from Java SpoofChecker class at http://icu-project.org/apiref/icu4j/com/ibm/icu/text/SpoofChecker.html
    up
    -1
    Anonymous
    6 years ago
    Spoofchecker yields false positives by defaut when Whole-Script Confusables (WSC) and Mixed-Script Confusables (MSC) checks are used.
    They have been deprecated since ICU 58:
    http://bugs.icu-project.org/trac/ticket/12549#comment:10

    Workarounds: upgrade ICU to 58+, or avoid the MSC and WSC checks with Spoofcheckers' setChecks() function.
    add a note
    To Top