WPCIVIUX-176 Clarify logging and documentation for API Field name val…

…idator

includes/utils/class-civicrm-ux-validators.php

@@ -44,15 +44,25 @@ public static function validateCssColor($color): ?string
         return $valid ? $matches[1] : null;
     }
 
-    public static function validateAPIFieldName($field, $key = null): ?string
-    {
-        $valid = preg_match('{ ^ (?! [.-] ) [[:alnum:]._:-]+ (?<! [._-]) $ }xi', $field, $matches);
+	public static function validateAPIFieldName($field, $key = null): ?string
+	{
+		/** API Field names:
+		 *   - must contain only alphanumeric characters, dash (-), underscore(_), dot(.) or colon (:)
+		 *   - may not start or end with a dot dash or colon
+		 */
+		$valid = preg_match('{  
+		                        ^ (?! [.:-] )    # Exclude disallowed prefix 
+		                        [[:alnum:]._:-]+ # Sequence of valid characters
+		                        (?<! [.:-]) $    # Exclude disallowed suffix
+		                         }xi', $field, $matches);
 
-        if (!$valid) {
-			error_log( $key ? __('Invalid field key given') : sprintf(__('Invalid key given for "%1$s"' )));
+		if ( ! $valid ) {
+			error_log( sprintf( 
+				( ! $key ) ? __( '%1$s: Invalid field key given' ) : __( '%1$s: Invalid key given for "%2$s"' ),
+				'ux_event_fullcalendar', $key ) );
 			return null;
-        }
+		}
 
-        return $matches[0];
-    }
-}
+		return $matches[0];
+	}
+}

rest/json-all-events.php

@@ -51,7 +51,7 @@ protected function get_events_all() {
         $force_login = rest_sanitize_boolean($_REQUEST['force_login'] ?? Shortcode::getDefaultForceLogin());
 		$redirect_after_login = esc_url($_REQUEST['redirect_after_login']);
 		$extra_fields = !empty($_REQUEST['extra_fields']) ? explode(',', filter_var($_REQUEST['extra_fields'], FILTER_SANITIZE_STRING)) : [];
-        $extra_fields = array_map( [ 'Civicrm_Ux_Validators', 'validateAPIFieldName' ], $extra_fields );
+        $extra_fields = array_map( fn($field) => Civicrm_Ux_Validators::validateAPIFieldName( $field, 'extra_fields' ), $extra_fields );
 
         if(!empty($_REQUEST['colors']) && !is_array($_REQUEST['colors'])) {
             $_REQUEST['colors'] = explode(',', $_REQUEST['colors']);
@@ -91,7 +91,7 @@ protected function get_events_all() {
             }
 
             if(!empty($_REQUEST['image_src_field'])) {
-                $image_src_field = Civicrm_Ux_Validators::validateAPIFieldName($_REQUEST['image_src_field']);
+                $image_src_field = Civicrm_Ux_Validators::validateAPIFieldName($_REQUEST['image_src_field'], 'image_src_field');
                 $eventQuery->addSelect($image_src_field);
             } else {
                 $image_src_field = null;

shortcodes/event/event-fullcalendar.php

@@ -39,10 +39,10 @@ public function shortcode_callback( $atts = [], $content = null, $tag = '' ) {
 				}
 			}
 			if (isset($atts['extra_fields'])) {
-                $extra_fields_arr = array_map([ 'Civicrm_Ux_Validators', 'validateAPIFieldName' ], explode(",", $atts['extra_fields']));
+                $extra_fields_arr = array_map( fn( $field ) => Civicrm_Ux_Validators::validateAPIFieldName( $field, 'extra_fields' ), explode( ",", $atts['extra_fields'] ) );
             }
 			if (isset($atts['image_src_field'])) {
-				$atts['image_src_field'] = Civicrm_Ux_Validators::validateAPIFieldName($atts['image_src_field']);
+				$atts['image_src_field'] = Civicrm_Ux_Validators::validateAPIFieldName( $atts['image_src_field'], 'image_src_field' );
 			}
 			if (isset($atts['force_login'])) {
 				$atts['force_login'] = filter_var($atts['force_login'], FILTER_VALIDATE_BOOLEAN);