2008-12-21 11:07:58 +00:00
< ? php
/*
* e107 website system
*
2009-11-18 01:06:08 +00:00
* Copyright ( C ) 2008 - 2009 e107 Inc ( e107 . org )
2008-12-21 11:07:58 +00:00
* Released under the terms and conditions of the
* GNU General Public License ( http :// www . gnu . org / licenses / gpl . txt )
*
* Handler - general purpose validation functions
*
* $Source : / cvs_backup / e107_0 . 8 / e107_handlers / validator_class . php , v $
2010-02-10 18:18:01 +00:00
* $Revision $
* $Date $
* $Author $
2008-12-21 11:07:58 +00:00
*
*/
2010-02-07 12:13:43 +00:00
if ( ! defined ( 'e107_INIT' )) { exit ; }
2008-12-21 11:07:58 +00:00
// List of error numbers which may be returned from validation
define ( 'ERR_MISSING_VALUE' , '01' );
define ( 'ERR_UNEXPECTED_VALUE' , '02' );
define ( 'ERR_INVALID_CHARS' , '03' );
define ( 'ERR_TOO_SHORT' , '04' );
define ( 'ERR_TOO_LONG' , '05' );
define ( 'ERR_DUPLICATE' , '06' );
define ( 'ERR_DISALLOWED_TEXT' , '07' );
2012-01-13 13:06:11 +00:00
define ( 'ERR_DISALLOWED_TEXT_EXACT_MATCH' , '23' );
2008-12-21 11:07:58 +00:00
define ( 'ERR_FIELD_DISABLED' , '08' );
define ( 'ERR_INVALID_WORD' , '09' );
define ( 'ERR_PASSWORDS_DIFFERENT' , '10' );
define ( 'ERR_BANNED_EMAIL' , '11' );
define ( 'ERR_INVALID_EMAIL' , '12' );
define ( 'ERR_ARRAY_EXPECTED' , '13' );
define ( 'ERR_BANNED_USER' , '14' );
define ( 'ERR_FIELDS_DIFFERENT' , '15' );
define ( 'ERR_CODE_ERROR' , '16' );
define ( 'ERR_TOO_LOW' , '17' );
define ( 'ERR_TOO_HIGH' , '18' );
2008-12-21 22:17:05 +00:00
define ( 'ERR_GENERIC' , '19' ); // This requires coder-defined error text
2008-12-28 22:37:43 +00:00
define ( 'ERR_IMAGE_TOO_WIDE' , '20' );
define ( 'ERR_IMAGE_TOO_HIGH' , '21' );
2008-12-21 11:07:58 +00:00
2010-02-07 12:13:43 +00:00
// Default error messages
e107 :: includeLan ( e_LANGUAGEDIR . e_LANGUAGE . '/admin/lan_validator.php' );
2009-10-19 16:13:29 +00:00
/**
* Validator class - used by e_model and its child classes
*
* @ package e107
* @ category e107_handlers
* @ version 1.0
* @ author SecretR
* @ copyright Copyright ( c ) 2009 , e107 Inc .
*/
class e_validator
{
/**
* @ var integer Unknown error code
*/
2010-02-07 12:13:43 +00:00
const ERR_UNKNOWN = 0 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ var integer Value not found error code
*/
const ERR_MISSING_VALUE = 101 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
2010-02-07 12:13:43 +00:00
* @ var integer Unexpected value type error code ( bad rule )
2009-10-19 16:13:29 +00:00
*/
const ERR_UNEXPECTED_VALUE = 102 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ var integer Invalid characters error code
*/
const ERR_INVALID_CHARS = 103 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ var integer Invalid email error code
*/
const ERR_INVALID_EMAIL = 104 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
2010-03-01 10:20:25 +00:00
* @ var integer Field doesn ' t match error code
2009-10-19 16:13:29 +00:00
*/
const ERR_FIELDS_MATCH = 105 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ var integer String too short error code
*/
const ERR_TOO_SHORT = 131 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ var integer String too long error code
*/
const ERR_TOO_LONG = 132 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ var integer Number too low error code
*/
const ERR_TOO_LOW = 133 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ var integer Number too high error code
*/
const ERR_TOO_HIGH = 134 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ var integer Array count too low error code
*/
const ERR_ARRCOUNT_LOW = 135 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ var integer Array count high error code
*/
const ERR_ARRCOUNT_HIGH = 136 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ var integer Type of integer expected error code
*/
const ERR_INT_EXPECTED = 151 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ var integer Type of float expected error code
*/
const ERR_FLOAT_EXPECTED = 152 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ var integer Instance type expected error code
*/
const ERR_INSTANCEOF_EXPECTED = 153 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
2010-02-07 12:13:43 +00:00
* @ var integer Array type expected error code
2009-10-19 16:13:29 +00:00
*/
const ERR_ARRAY_EXPECTED = 154 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ var integer Generic ( empty value ) error code
*/
const ERR_GENERIC = 191 ;
2010-03-01 10:20:25 +00:00
2010-02-07 12:13:43 +00:00
/**
* @ var integer File not exists or not a file error code
*/
const ERR_NOT_FILE = 201 ;
2010-03-01 10:20:25 +00:00
2010-02-07 12:13:43 +00:00
/**
* @ var integer File not writable error code
*/
const ERR_WRITABLE_FILE = 202 ;
2010-03-01 10:20:25 +00:00
2010-02-07 12:13:43 +00:00
/**
* @ var integer File exceeds allowed file size error code
*/
const ERR_SIZEMIN_FILE = 203 ;
2010-03-01 10:20:25 +00:00
2010-02-07 12:13:43 +00:00
/**
* @ var integer File lower than minimal file size error code
*/
const ERR_SIZEMAX_FILE = 204 ;
2009-10-19 16:13:29 +00:00
/**
* Required rules - Used by validate method
2010-03-01 10:20:25 +00:00
*
2009-10-19 16:13:29 +00:00
* Structure : array ( type , condition , field title LAN [, condition help , validation error message ]);
2010-03-01 10:20:25 +00:00
*
2009-10-19 16:13:29 +00:00
* @ example $_required_rules [ 'download_category_id' ] = array ( 'int' , '1' , 'Download Category' , 'choose category' )
2010-03-01 10:20:25 +00:00
*
2009-10-19 16:13:29 +00:00
* Validation array structure :
2010-03-01 10:20:25 +00:00
* - type | condition =
2009-10-19 16:13:29 +00:00
* - regex | regex string
* - email | no condition required
2010-02-07 13:55:38 +00:00
* - int / integer | number range in format 'min:max'
* - float | number range in format 'min:max'
* - str / string | number string length range in format 'min:max'
2009-10-19 16:13:29 +00:00
* - required | no condition required
* - callback | string function name or array ( class name | object , method ) ( static call )
* - instanceof | string class name
2010-03-01 10:20:25 +00:00
* - enum | ( string ) values separated by '#' e . g . 'match1#match2#match3'
2010-02-07 13:55:38 +00:00
* - array | array count range in format 'min:max'
2009-10-19 16:13:29 +00:00
* - compare | string field_name , value should be in format field_name => array ( 'value1' , 'value1' )
* if value1 === value1 , field_name => value1 will be added to $_valid_data array
2010-03-01 10:20:25 +00:00
* - field title LAN =
2009-10-19 16:13:29 +00:00
* human readable field ( data key ) name
2010-03-01 10:20:25 +00:00
* - [ optional ] condition help =
2009-10-19 16:13:29 +00:00
* can be used for both inline field help and validation error message
2010-03-01 10:20:25 +00:00
* - [ optional ] validation error message =
2009-10-19 16:13:29 +00:00
* if empty condition help will be used
2010-03-01 10:20:25 +00:00
*
2009-10-19 16:13:29 +00:00
* @ var array
*/
protected $_required_rules = array ();
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Check data only if exist / non - empty
2010-03-01 10:20:25 +00:00
*
2009-10-19 16:13:29 +00:00
* @ var array
*/
protected $_optional_rules = array ();
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Contains validation error codes in format 'field=>error_code'
* @ var array
*/
protected $_validation_results = array ();
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Stores validated data ( only after successful { @ link validateField ()} call
* @ var array
*/
protected $_valid_data = array ();
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Stores validate check result
* @ var boolean
*/
protected $_is_valid_data = true ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* eMessage handler namespace
2010-03-01 10:20:25 +00:00
*
2009-10-19 16:13:29 +00:00
* @ var string
*/
protected $_message_stack = 'validator' ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
2010-03-01 10:20:25 +00:00
* Constructore
* @ param string [ optional ] $message_stack [ optional ] eMessage handler namespace
2009-10-19 16:13:29 +00:00
* @ param array [ optional ] $rules validation rules
* @ param array [ optional ] $optrules optional validation rules
*/
public function __construct ( $message_stack = '' , $rules = array (), $optrules = array ())
{
2009-10-20 16:05:03 +00:00
$this -> setMessageStack ( $message_stack )
-> setRules ( $rules )
2009-10-19 16:13:29 +00:00
-> setOptionalRules ( $optrules );
}
2010-03-01 10:20:25 +00:00
2009-10-20 16:05:03 +00:00
/**
* Set message stack
2010-03-01 10:20:25 +00:00
*
2009-10-20 16:05:03 +00:00
* @ param string $mstack
* @ return e_validator
*/
public function setMessageStack ( $mstack )
{
2009-10-30 17:59:32 +00:00
if ( ! $mstack ) $mstack = 'validator' ;
2009-10-20 16:05:03 +00:00
$this -> _message_stack = $mstack ;
return $this ;
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ param array $rules
* @ return e_validator
*/
public function setRules ( $rules )
{
$this -> _required_rules = $rules ;
return $this ;
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ param array $rules
* @ return e_validator
*/
public function setOptionalRules ( $rules )
{
$this -> _optional_rules = $rules ;
return $this ;
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
2010-03-01 10:20:25 +00:00
* Add successfully validated data to the valid array
2009-11-17 14:50:37 +00:00
*
2009-10-19 16:13:29 +00:00
* @ param string $field_name
* @ param mixed $value
2009-11-17 14:50:37 +00:00
* @ return e_validator
2009-10-19 16:13:29 +00:00
*/
protected function addValidData ( $field_name , $value )
{
$this -> _valid_data [ $field_name ] = $value ;
return $this ;
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ return array
*/
public function getValidData ()
{
return $this -> _valid_data ;
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Validate data
2010-03-01 10:20:25 +00:00
*
2009-10-19 16:13:29 +00:00
* @ param array $data
2013-03-08 16:00:00 +02:00
* @ param boolean $availableOnly check only against available data if true
2009-10-19 16:13:29 +00:00
* @ return boolean
*/
2013-03-08 16:00:00 +02:00
function validate ( $data , $availableOnly = false )
2009-10-19 16:13:29 +00:00
{
$this -> reset ();
2010-03-01 10:20:25 +00:00
$rules = array_merge ( array_keys ( $this -> _required_rules ), array_keys ( $this -> _optional_rules ));
2009-10-20 16:05:03 +00:00
// no rules, no check
if ( ! $rules )
{
2012-03-16 14:18:55 +00:00
$this -> setIsValidData ( true );
2009-10-20 16:05:03 +00:00
$this -> _valid_data = $data ;
return true ;
}
2013-03-08 16:00:00 +02:00
$fieldList = $rules ;
if ( $availableOnly ) $fieldList = array_keys ( $data );
2009-10-19 16:13:29 +00:00
foreach ( $rules as $field_name )
{
2013-03-08 16:00:00 +02:00
if ( ! in_array ( $field_name , $fieldList )) continue ;
2009-10-19 16:13:29 +00:00
$value = varset ( $data [ $field_name ], null );
$required = $this -> isRequiredField ( $field_name );
if (( $required || $this -> isOptionalField ( $field_name )) && ! $this -> validateField ( $field_name , $value , $required ))
{
2012-03-16 14:18:55 +00:00
$this -> setIsValidData ( false );
2010-02-09 13:34:23 +00:00
$this -> addValidateMessage ( $this -> getFieldName ( $field_name , $required ), $this -> getErrorCode ( $field_name ), $this -> getFieldMessage ( $field_name , $value , $required ));
2009-10-19 16:13:29 +00:00
continue ;
}
}
return $this -> _is_valid_data ;
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Check if field is required
2010-03-01 10:20:25 +00:00
*
2009-10-19 16:13:29 +00:00
* @ param string $name
* @ return boolean
*/
function isRequiredField ( $name )
{
return isset ( $this -> _required_rules [ $name ]);
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Check if there is optional rule for this field
2010-03-01 10:20:25 +00:00
*
2009-10-19 16:13:29 +00:00
* @ param string $name
* @ return boolean
*/
function isOptionalField ( $name )
{
return isset ( $this -> _optional_rules [ $name ]);
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Retrieve help for the required field
2010-03-01 10:20:25 +00:00
*
2009-10-19 16:13:29 +00:00
* @ param string $name
* @ return string
*/
function getFieldHelp ( $name , $required = true , $default = '' )
{
if ( $required )
{
$msg = ( isset ( $this -> _required_rules [ $name ][ 3 ]) ? $this -> _required_rules [ $name ][ 3 ] : $default );
}
else
{
$msg = ( isset ( $this -> _optional_rules [ $name ][ 3 ]) ? $this -> _optional_rules [ $name ][ 3 ] : $default );
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
return defset ( $msg , $msg );
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Retrieve validation error message for the required field
2010-03-01 10:20:25 +00:00
*
2009-10-19 16:13:29 +00:00
* @ param string $name
2010-02-07 12:13:43 +00:00
* @ param mixed $value
2009-10-19 16:13:29 +00:00
* @ return string
*/
2010-02-07 12:13:43 +00:00
function getFieldMessage ( $name , $value = '' , $required = true )
2009-10-19 16:13:29 +00:00
{
if ( $required )
{
if ( ! isset ( $this -> _required_rules [ $name ][ 4 ]))
{
2010-02-07 12:13:43 +00:00
$msg = $this -> getFieldHelp ( $name , true );
2009-10-19 16:13:29 +00:00
}
2010-02-07 12:13:43 +00:00
else $msg = $this -> _required_rules [ $name ][ 4 ];
2009-10-19 16:13:29 +00:00
}
else
{
if ( ! isset ( $this -> _optional_rules [ $name ][ 4 ]))
{
2010-02-07 12:13:43 +00:00
$msg = $this -> getFieldHelp ( $name , false );
2009-10-19 16:13:29 +00:00
}
2010-02-07 12:13:43 +00:00
else $msg = $this -> _optional_rules [ $name ][ 4 ];
2009-10-19 16:13:29 +00:00
}
2010-03-01 10:20:25 +00:00
2010-02-07 12:13:43 +00:00
return ( $msg ? defset ( $msg , $msg ) : '' );
2009-10-19 16:13:29 +00:00
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ param string $name
* @ return string
*/
function getFieldName ( $name , $required = true )
{
if ( $required )
{
$msg = ( isset ( $this -> _required_rules [ $name ][ 2 ]) ? $this -> _required_rules [ $name ][ 2 ] : $name );
}
else
{
$msg = ( isset ( $this -> _optional_rules [ $name ][ 2 ]) ? $this -> _optional_rules [ $name ][ 2 ] : $name );
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
return defset ( $msg , $msg );
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Validate single field
*
* @ param string $name
* @ param string $newval
* @ param boolean $required
* @ return boolean
*/
function validateField ( $name , $value , $required = true )
{
if ( $required )
{
$type = $this -> _required_rules [ $name ][ 0 ];
$cond = $this -> _required_rules [ $name ][ 1 ];
}
2010-03-01 10:20:25 +00:00
else
2009-10-19 16:13:29 +00:00
{
2010-03-01 10:20:25 +00:00
if ( empty ( $value ))
2010-02-07 12:13:43 +00:00
{
switch ( $this -> _optional_rules [ $name ][ 0 ])
{
case 'int' :
case 'integer' :
$value = 0 ;
break ;
2010-03-01 10:20:25 +00:00
2010-02-07 12:13:43 +00:00
case 'float' :
2011-01-04 12:10:47 +00:00
$value = 0.00 ;
2010-02-07 12:13:43 +00:00
break ;
2010-03-01 10:20:25 +00:00
2010-02-07 12:13:43 +00:00
case 'array' :
$value = array ();
break ;
2010-03-01 10:20:25 +00:00
2010-02-07 12:13:43 +00:00
default :
$value = '' ;
break ;
}
$this -> addValidData ( $name , $value );
return true ;
}
2009-10-19 16:13:29 +00:00
$type = $this -> _optional_rules [ $name ][ 0 ];
$cond = $this -> _optional_rules [ $name ][ 1 ];
}
2010-02-09 13:34:23 +00:00
2010-03-01 10:20:25 +00:00
switch ( $type )
2009-10-19 16:13:29 +00:00
{
2010-03-01 10:20:25 +00:00
case 'required' :
2009-10-19 16:13:29 +00:00
if ( empty ( $value ))
{
$this -> addValidateResult ( $name , self :: ERR_GENERIC );
return false ;
}
$this -> addValidData ( $name , $value );
return true ;
break ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
case 'email' :
if ( ! check_email ( $value ))
{
$this -> addValidateResult ( $name , self :: ERR_INVALID_EMAIL );
return false ;
}
$this -> addValidData ( $name , $value );
return true ;
break ;
2010-03-01 10:20:25 +00:00
2010-12-17 15:23:00 +00:00
case 'regexp' :
2009-10-19 16:13:29 +00:00
case 'regex' :
if ( ! preg_match ( $cond , $value ))
{
$this -> addValidateResult ( $name , self :: ERR_INVALID_CHARS );
return false ;
}
$this -> addValidData ( $name , $value );
return true ;
break ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
case 'callback' :
if ( ! call_user_func ( $cond , $value ))
{
$this -> addValidateResult ( $name , self :: ERR_INVALID_CHARS );
return false ;
}
$this -> addValidData ( $name , $value );
return true ;
break ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
case 'instanceof' :
if ( ! ( is_object ( $value ) && $value instanceof $cond ))
{
$this -> addValidateResult ( $name , self :: ERR_INSTANCEOF_EXPECTED );
return false ;
}
$this -> addValidData ( $name , $value );
return true ;
break ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
case 'int' :
case 'integer' :
2010-02-09 13:34:23 +00:00
if ( ! preg_match ( '/^-?[\d]+$/' , $value )) // negative values support
2009-10-19 16:13:29 +00:00
{
$this -> addValidateResult ( $name , self :: ERR_INT_EXPECTED );
return false ;
}
2010-02-09 13:34:23 +00:00
// BC! Will be removed after we replace '-' with ':' separator!
$tmp = $this -> parseMinMax ( $cond );
2009-10-19 16:13:29 +00:00
if ( is_numeric ( $tmp [ 0 ]) && ( integer ) $tmp [ 0 ] > ( integer ) $value )
{
$this -> addValidateResult ( $name , self :: ERR_TOO_LOW );
return false ;
}
if ( is_numeric ( varset ( $tmp [ 1 ])) && ( integer ) $tmp [ 1 ] < ( integer ) $value )
{
$this -> addValidateResult ( $name , self :: ERR_TOO_HIGH );
return false ;
}
$this -> addValidData ( $name , intval ( $value ));
return true ;
break ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
case 'str' :
case 'string' :
2010-02-07 13:55:38 +00:00
case 'text' :
case 'varchar' :
2010-02-09 13:34:23 +00:00
$tmp = $this -> parseMinMax ( $cond );
2010-01-12 13:11:48 +00:00
$length = e107 :: getParser () -> ustrlen ( $value );
2009-10-19 16:13:29 +00:00
if ( is_numeric ( $tmp [ 0 ]) && ( integer ) $tmp [ 0 ] > $length )
{
$this -> addValidateResult ( $name , self :: ERR_TOO_SHORT );
return false ;
}
2010-03-01 10:20:25 +00:00
2010-02-07 13:55:38 +00:00
if ( 'varchar' == $type && ! varset ( $tmp [ 1 ])) $tmp [ 1 ] = 255 ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
if ( is_numeric ( varset ( $tmp [ 1 ])) && ( integer ) $tmp [ 1 ] < $length )
{
$this -> addValidateResult ( $name , self :: ERR_TOO_LONG );
return false ;
}
$this -> addValidData ( $name , ( string ) $value );
return true ;
break ;
2012-12-17 16:57:24 +02:00
case 'set' :
2010-03-01 10:20:25 +00:00
case 'enum' :
2012-12-17 16:57:24 +02:00
$tmp = array_map ( 'trim' , explode ( ',' , $cond ));
2010-03-01 10:20:25 +00:00
if ( ! $value || ! in_array ( $value , $tmp ))
{
$this -> addValidateResult ( $name , self :: ERR_FIELDS_MATCH );
return false ;
}
$this -> addValidData ( $name , ( string ) $value );
return true ;
break ;
2009-10-19 16:13:29 +00:00
case 'float' :
2018-05-04 19:27:00 +02:00
$value = e107 :: getParser () -> toNumber ( $value );
2009-10-19 16:13:29 +00:00
if ( ! is_numeric ( $value ))
{
$this -> addValidateResult ( $name , self :: ERR_FLOAT_EXPECTED );
return false ;
}
2010-02-09 13:34:23 +00:00
$tmp = $this -> parseMinMax ( $cond );
2009-10-19 16:13:29 +00:00
if ( is_numeric ( $tmp [ 0 ]) && ( float ) $tmp [ 0 ] > ( float ) $value )
{
$this -> addValidateResult ( $name , self :: ERR_TOO_LOW );
return false ;
}
if ( is_numeric ( varset ( $tmp [ 1 ])) && ( float ) $tmp [ 1 ] < ( float ) $value )
{
$this -> addValidateResult ( $name , self :: ERR_TOO_HIGH );
return false ;
}
2011-01-04 12:10:47 +00:00
$this -> addValidData ( $name , $value );
2009-10-19 16:13:29 +00:00
return true ;
break ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
case 'array' :
if ( ! is_array ( $value ))
{
$this -> addValidateResult ( $name , self :: ERR_ARRAY_EXPECTED );
return false ;
}
$length = count ( $value );
2010-02-09 13:34:23 +00:00
$tmp = $this -> parseMinMax ( $cond );
2009-10-19 16:13:29 +00:00
if ( is_numeric ( $tmp [ 0 ]) && ( integer ) $tmp [ 0 ] > $length )
{
$this -> addValidateResult ( $name , self :: ERR_ARRCOUNT_LOW );
return false ;
}
if ( is_numeric ( varset ( $tmp [ 1 ])) && ( float ) $tmp [ 1 ] < $length )
{
$this -> addValidateResult ( $name , self :: ERR_ARRCOUNT_HIGH );
return false ;
}
$this -> addValidData ( $name , $value );
return true ;
break ;
2010-03-01 10:20:25 +00:00
2010-02-07 12:13:43 +00:00
case 'file' : // TODO - type image - validate dimensions?
parse_str ( $cond , $params );
$path = e107 :: getParser () -> replaceConstants ( varset ( $params [ 'base' ]) . $value );
2010-02-07 13:55:38 +00:00
if ( ! $value || ! is_file ( $path ))
2010-02-07 12:13:43 +00:00
{
$this -> addValidateResult ( $name , self :: ERR_NOT_FILE );
return false ;
}
if ( vartrue ( $params [ 'writable' ]) && ! is_writable ( $path ))
{
$this -> addValidateResult ( $name , self :: ERR_WRITABLE_FILE );
return false ;
}
if ( vartrue ( $params [ 'size' ]))
{
2010-02-09 13:34:23 +00:00
$tmp = $this -> parseMinMax ( $cond );
2010-02-07 12:13:43 +00:00
$fs = filesize ( $path );
2010-03-01 10:20:25 +00:00
if ( ! $fs || ( integer ) $tmp [ 0 ] > $fs )
2010-02-07 12:13:43 +00:00
{
$this -> addValidateResult ( $name , self :: ERR_SIZEMIN_FILE );
return false ;
}
2010-02-07 13:55:38 +00:00
elseif ( is_numeric ( varset ( $tmp [ 1 ])) && ( integer ) $tmp [ 1 ] < $fs )
2010-02-07 12:13:43 +00:00
{
$this -> addValidateResult ( $name , self :: ERR_SIZEMAX_FILE );
return false ;
}
2010-02-09 13:34:23 +00:00
}
if ( is_numeric ( varset ( $params [ 'maxlen' ])) && ( integer ) $params [ 'maxlen' ] < e107 :: getParser () -> ustrlen ( $value ))
{
$this -> addValidateResult ( $name , self :: ERR_TOO_LONG );
return false ;
2010-02-07 12:13:43 +00:00
}
$this -> addValidData ( $name , $value );
return true ;
break ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
case 'compare' :
if ( ! is_array ( $value ))
{
$this -> addValidateResult ( $name , self :: ERR_UNEXPECTED_VALUE );
return false ;
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
if ( ! ( $value [ 0 ] && $value [ 1 ] && $value [ 0 ] == $value [ 1 ]))
{
$this -> addValidateResult ( $name , self :: ERR_FIELDS_MATCH );
return false ;
}
2010-03-01 10:20:25 +00:00
2010-02-07 13:55:38 +00:00
// check length
if ( $cond )
{
2010-02-09 13:34:23 +00:00
$tmp = $this -> parseMinMax ( $cond );
2010-02-07 13:55:38 +00:00
$length = e107 :: getParser () -> ustrlen ( $value [ 0 ]);
if ( is_numeric ( $tmp [ 0 ]) && ( integer ) $tmp [ 0 ] > $length )
{
$this -> addValidateResult ( $name , self :: ERR_TOO_SHORT );
return false ;
}
if ( is_numeric ( varset ( $tmp [ 1 ])) && ( integer ) $tmp [ 1 ] < $length )
{
$this -> addValidateResult ( $name , self :: ERR_TOO_LONG );
return false ;
}
}
2009-10-19 16:13:29 +00:00
$this -> addValidData ( $name , $value [ 0 ]);
return true ;
break ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
case 'compare_strict' :
if ( ! is_array ( $value ))
{
$this -> addValidateResult ( $name , self :: ERR_UNEXPECTED_VALUE );
return false ;
}
if ( ! ( $value [ 0 ] && $value [ 1 ] && $value [ 0 ] === $value [ 1 ]))
{
$this -> addValidateResult ( $name , self :: ERR_FIELDS_MATCH );
return false ;
}
2010-03-01 10:20:25 +00:00
2010-02-07 13:55:38 +00:00
// check length
if ( $cond )
{
2010-02-09 13:34:23 +00:00
$tmp = $this -> parseMinMax ( $cond );
2010-02-07 13:55:38 +00:00
$length = e107 :: getParser () -> ustrlen ( $value [ 0 ]);
if ( is_numeric ( $tmp [ 0 ]) && ( integer ) $tmp [ 0 ] > $length )
{
$this -> addValidateResult ( $name , self :: ERR_TOO_SHORT );
return false ;
}
if ( is_numeric ( varset ( $tmp [ 1 ])) && ( integer ) $tmp [ 1 ] < $length )
{
$this -> addValidateResult ( $name , self :: ERR_TOO_LONG );
return false ;
}
}
2009-10-19 16:13:29 +00:00
$this -> addValidData ( $name , $value [ 0 ]);
return true ;
break ;
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
default :
$this -> addValidateResult ( $name , self :: ERR_UNEXPECTED_VALUE );
return false ;
break ;
}
}
2018-05-04 19:27:00 +02:00
// moved to e_parse
// public function toNumber($value)
// {
// $larr = localeconv();
// $search = array(
// $larr['decimal_point'],
// $larr['mon_decimal_point'],
// $larr['thousands_sep'],
// $larr['mon_thousands_sep'],
// $larr['currency_symbol'],
// $larr['int_curr_symbol']
// );
// $replace = array('.', '.', '', '', '', '');
2011-01-04 12:10:47 +00:00
2018-05-04 19:27:00 +02:00
// return str_replace($search, $replace, $value);
// }
2010-03-01 10:20:25 +00:00
2010-02-09 13:34:23 +00:00
protected function parseMinMax ( $string )
{
return explode ( ':' , $this -> _convertConditionBC ( $string ), 2 );
}
2010-03-01 10:20:25 +00:00
2010-02-09 13:34:23 +00:00
private function _convertConditionBC ( $condition )
{
// BC! Will be removed after we replace '-' with ':' separator!
2010-03-01 10:20:25 +00:00
if ( strpos ( $condition , ':' ) === false )
{
2010-02-09 13:34:23 +00:00
return preg_replace ( '/^([0-9]+)-([0-9]+)$/' , '$1:$2' , $condition );
}
2010-03-01 10:20:25 +00:00
return $condition ;
2010-02-09 13:34:23 +00:00
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Add validation error to validate result stack
*
* @ param string $field_title
* @ param string $err_code
* @ param string $err_message
* @ param string $custom
* @ return e_validator
*/
function addValidateMessage ( $field_title , $err_code = 0 , $err_message = '' , $custom = '' )
{
2013-10-31 15:20:21 +02:00
$tp = e107 :: getParser ();
2013-10-29 18:41:02 -07:00
$lanVars = array (
'x' => $field_title ,
'y' => $err_code ,
'z' => $this -> getErrorByCode ( $err_code )
);
2009-10-19 16:13:29 +00:00
if ( $custom )
{
2009-10-20 16:05:03 +00:00
e107 :: getMessage () -> addStack ( sprintf ( $err_message , $err_code , $field_title ), $this -> _message_stack , ( true === $custom ? E_MESSAGE_ERROR : $custom ));
2009-10-19 16:13:29 +00:00
return $this ;
}
2010-10-30 15:34:48 +00:00
//Additional message
$lan = LAN_VALIDATE_FAILMSG ;
$dbgmsg = false ;
if ( $err_message )
{
2013-10-29 18:41:02 -07:00
$lan = ( ! $field_title || strpos ( $err_message , '[x]' ) !== false ? '' : '[x] - ' ) . $err_message ; // custom, e.g. // default '<strong>"%1$s"</strong> field error: Custom error message. '
2012-04-03 14:39:19 +00:00
$dbgmsg = LAN_VALIDATE_FAILMSG ;
2010-10-30 15:34:48 +00:00
}
2009-10-19 16:13:29 +00:00
//Core message
2013-10-29 18:41:02 -07:00
/*
2009-10-19 16:13:29 +00:00
$msg = sprintf (
2010-10-30 15:34:48 +00:00
$lan , // default '<strong>"%1$s"</strong> validation error: [#%2$d] %3$s. '
2010-03-01 10:20:25 +00:00
$field_title ,
2009-10-19 16:13:29 +00:00
$err_code ,
$this -> getErrorByCode ( $err_code )
);
2013-10-29 18:41:02 -07:00
*/
//NEW - removes need for using sprintf()
$msg = $tp -> lanVars ( $lan , $lanVars , true ); // '[x] validation error: [y] [z].'
2010-03-01 10:20:25 +00:00
2010-10-30 15:34:48 +00:00
if ( $dbgmsg && defset ( 'e107_DEBUG_LEVEL' ))
2009-10-19 16:13:29 +00:00
{
2013-10-29 18:41:02 -07:00
e107 :: getMessage () -> addDebug ( $tp -> lanVars ( $dbgmsg , $lanVars ));
/*
2010-10-30 15:34:48 +00:00
e107 :: getMessage () -> addDebug ( sprintf (
$dbgmsg ,
$field_title ,
$err_code ,
$this -> getErrorByCode ( $err_code )
));
2013-10-29 18:41:02 -07:00
*/
2009-10-19 16:13:29 +00:00
}
2010-10-30 15:34:48 +00:00
2009-10-19 16:13:29 +00:00
e107 :: getMessage () -> addStack ( $msg , $this -> _message_stack , E_MESSAGE_ERROR );
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
return $this ;
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Get validate message array
*
* @ param boolean $clear
* @ return array
*/
function getValidateMessages ( $clear = true )
{
return e107 :: getMessage () -> getAll ( $this -> _message_stack , true , $clear );
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Render validate messages
2010-03-01 10:20:25 +00:00
*
2009-10-19 16:13:29 +00:00
* @ param boolean $session merge with session messages
* @ param boolean $clear
* @ return string
*/
function renderValidateMessages ( $session = false , $clear = true )
{
return e107 :: getMessage () -> render ( $this -> _message_stack , $session , $clear );
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
2009-10-20 16:05:03 +00:00
* @ param boolean $session clear session messages as well , default true
2009-10-19 16:13:29 +00:00
* @ return e_validator
*/
2009-10-20 16:05:03 +00:00
function clearValidateMessages ( $session = true )
2009-10-19 16:13:29 +00:00
{
2009-10-20 16:05:03 +00:00
e107 :: getMessage () -> reset ( false , $this -> _message_stack , $session );
2009-10-19 16:13:29 +00:00
return $this ;
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Add validate error code for a field
*
* @ param string $name
* @ param integer $code
* @ return e_validator
*/
function addValidateResult ( $name , $code )
{
$this -> _validation_results [ $name ] = $code ;
return $this ;
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Get validate result array
*
* @ param boolean $clear
* @ return array
*/
function getValidateResults ( $clear = true )
{
return $this -> _validation_results ;
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Get validate result for a field
*
* @ param string $field
* @ param mixed $default
* @ return integer error code
*/
2010-02-07 12:13:43 +00:00
function getErrorCode ( $field , $default = 0 )
2009-10-19 16:13:29 +00:00
{
2009-11-17 15:23:01 +00:00
return ( isset ( $this -> _validation_results [ $field ]) ? $this -> _validation_results [ $field ] : $default );
2009-10-19 16:13:29 +00:00
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Get error string by given error code
*
* @ param string $error_code
* @ return integer error code
*/
function getErrorByCode ( $error_code )
{
$lan = 'LAN_VALIDATE_' . $error_code ;
return defset ( $lan , $lan );
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ return e_validator
*/
function clearValidateResults ()
{
$this -> _validation_results = array ();
return $this ;
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* @ return boolean
*/
function isValid ()
{
return empty ( $this -> _is_valid_data );
}
2012-03-16 14:18:55 +00:00
/**
* Set validation status
*
* @ param boolean $status
* @ return e_validator
*/
public function setIsValidData ( $status )
{
$this -> _is_valid_data = ( boolean ) $status ;
return $this ;
}
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
/**
* Reset object validate result data
* @ return e_validator
*/
function reset ()
{
2012-03-16 14:18:55 +00:00
$this -> setIsValidData ( true );
2009-10-19 16:13:29 +00:00
$this -> _valid_data = array ();
$this -> clearValidateResults ()
-> clearValidateMessages ();
2010-03-01 10:20:25 +00:00
2009-10-19 16:13:29 +00:00
return $this ;
}
}
2008-12-21 11:07:58 +00:00
/*
The validator functions use an array of parameters for each variable to be validated .
The index of the parameter array is the destination field name .
2008-12-30 14:05:44 +00:00
2008-12-21 11:07:58 +00:00
Possible processing options :
'srcname' - specifies the array index of the source data , where its different to the destination index
'dbClean' - method for preparing the value to write to the DB ( done as final step before returning ) . Options are :
2008-12-28 22:37:43 +00:00
- 'toDB' - passes final value through $tp -> toDB ()
- 'intval' - converts to an integer
- 'image' - checks image for size
- 'avatar' - checks an image in the avatars directory
2008-12-21 11:07:58 +00:00
'stripTags' - strips HTML tags from the value ( not an error if there are some )
'minLength' - minimum length ( in utf - 8 characters ) for the string
'maxLength' - minimum length ( in utf - 8 characters ) for the string
'minVal' - lowest allowed value for numerics
'maxVal' - highest allowed value for numerics
'longTrim' - if set , and the string exceeds maxLength , its trimmed
'enablePref' - value is processed only if the named $pref evaluates to true ; otherwise any input is discarded without error
'dataType' - selects special processing methods :
1 - array of numerics ( e . g . class membership )
2008-12-30 14:05:44 +00:00
In general , only define an option if its to be used
2008-12-21 11:07:58 +00:00
*/
2012-01-13 13:06:11 +00:00
/* [ Berckoff ]
* Added " public static " to each method as the parser generates errors ( and methods are called statically everywhere )
*/
2008-12-21 11:07:58 +00:00
class validatorClass
{
// Passed an array of 'source' fields and an array of definitions to validate. The definition may include the name of a validation function.
// Returns three arrays - one of validated results, one of failed fields and one of errors corresponding to the failed fields
// Normally processes only those source fields it finds (and for which it has a definition). If $addDefaults is true, sets defaults for those that have
// ...one and aren't otherwise defined.
2012-01-13 13:06:11 +00:00
public static function validateFields ( & $sourceFields , & $definitions , $addDefaults = FALSE )
2008-12-21 11:07:58 +00:00
{
global $tp , $pref ;
2009-01-11 21:06:52 +00:00
$ret = array ( 'data' => array (), 'failed' => array (), 'errors' => array ());
2009-07-31 16:14:51 +00:00
2008-12-21 11:07:58 +00:00
foreach ( $definitions as $dest => $defs )
{
$errNum = 0 ; // Start with no error
2010-03-01 10:20:25 +00:00
2009-07-31 16:14:51 +00:00
if ( ! is_array ( $defs )) //default rule - dbClean -> toDB
{
$defs = array ( 'dbClean' , ( $defs ? $defs : 'toDB' ));
}
2008-12-21 11:07:58 +00:00
$src = varset ( $defs [ 'srcName' ], $dest ); // Set source field name
if ( ! isset ( $sourceFields [ $src ]))
{
if ( $addDefaults )
{
if ( isset ( $defs [ 'default' ]))
{
2009-01-11 21:06:52 +00:00
$ret [ 'data' ] = $defs [ 'default' ]; // Set default value if one is specified
2008-12-21 11:07:58 +00:00
} //...otherwise don't add the value at all
}
else
{
2015-02-14 23:34:15 -08:00
if ( ! vartrue ( $defs [ 'fieldOptional' ]))
2009-10-06 18:58:08 +00:00
{
$ret [ 'errors' ][ $dest ] = ERR_MISSING_VALUE ; // No source value
}
2008-12-21 11:07:58 +00:00
}
}
else
{ // Got a field we want, and some data to validate here
$value = $sourceFields [ $src ];
if ( ! $errNum && isset ( $defs [ 'enablePref' ]))
{ // Only process this field if a specified pref enables it
2015-02-14 23:34:15 -08:00
if ( ! vartrue ( $pref [ $defs [ 'enablePref' ]]))
2008-12-21 11:07:58 +00:00
{
continue ; // Just loop to the next field - ignore this one.
}
2008-12-30 14:05:44 +00:00
}
2008-12-21 11:07:58 +00:00
if ( ! $errNum && isset ( $defs [ 'stripTags' ]))
{
$newValue = trim ( strip_tags ( $value ));
if ( $newValue <> $value )
{
$errNum = ERR_INVALID_CHARS ;
}
$value = $newValue ;
2008-12-30 14:05:44 +00:00
}
2008-12-21 11:07:58 +00:00
if ( ! $errNum && isset ( $defs [ 'stripChars' ]))
{
$newValue = trim ( preg_replace ( $defs [ 'stripChars' ], " " , $value ));
if ( $newValue <> $value )
{
2009-07-31 16:14:51 +00:00
//echo "Invalid: {$newValue} :: {$value}<br />";
2008-12-21 11:07:58 +00:00
$errNum = ERR_INVALID_CHARS ;
}
$value = $newValue ;
}
2010-01-12 13:11:48 +00:00
if ( ! $errNum && isset ( $defs [ 'minLength' ]) && ( $tp -> ustrlen ( $value ) < $defs [ 'minLength' ]))
2008-12-21 11:07:58 +00:00
{
2010-03-01 10:20:25 +00:00
if ( $value == '' )
2008-12-21 11:07:58 +00:00
{
2015-02-14 23:34:15 -08:00
if ( ! vartrue ( $defs [ 'fieldOptional' ]))
2009-10-06 18:58:08 +00:00
{
$errNum = ERR_MISSING_VALUE ;
}
2008-12-21 11:07:58 +00:00
}
else
{
$errNum = ERR_TOO_SHORT ;
}
}
2010-01-12 13:11:48 +00:00
if ( ! $errNum && isset ( $defs [ 'maxLength' ]) && $tp -> ustrlen ( $value ) > $defs [ 'maxLength' ])
2008-12-21 11:07:58 +00:00
{
2015-02-14 23:34:15 -08:00
if ( vartrue ( $defs [ 'longtrim' ]))
2008-12-21 11:07:58 +00:00
{
$value = substr ( $value , 0 , $defs [ 'maxLength' ]);
}
else
{
$errNum = ERR_TOO_LONG ;
}
}
2009-07-31 16:14:51 +00:00
if ( ! $errNum && isset ( $defs [ 'minVal' ]) && ( $value < $defs [ 'minVal' ]))
2008-12-21 11:07:58 +00:00
{
$errNum = ERR_TOO_LOW ;
}
2009-07-31 16:14:51 +00:00
if ( ! $errNum && isset ( $defs [ 'maxVal' ]) && ( $value < $defs [ 'maxVal' ]))
2008-12-21 11:07:58 +00:00
{
$errNum = ERR_TOO_HIGH ;
}
if ( ! $errNum && isset ( $defs [ 'fixedBlock' ]))
{
2010-01-12 13:11:48 +00:00
$newValue = $tp -> ustrtolower ( $value );
2008-12-21 11:07:58 +00:00
$temp = explode ( ',' , $defs [ 'fixedBlock' ]);
foreach ( $temp as $t )
{
2010-01-12 13:11:48 +00:00
if ( $newValue == $tp -> ustrtolower ( $t ))
2008-12-21 11:07:58 +00:00
{
$errNum = ERR_INVALID_WORD ;
break ;
}
}
}
if ( ! $errNum && isset ( $defs [ 'dataType' ]))
{
2008-12-30 14:05:44 +00:00
switch ( $defs [ 'dataType' ])
2008-12-21 11:07:58 +00:00
{
2009-08-08 23:09:08 +00:00
case 1 : // Assumes we've passed an array variable to be turned into a comma-separated list of integers
2008-12-21 11:07:58 +00:00
if ( is_array ( $value ))
{
$temp = array ();
foreach ( $value as $v )
{
2009-08-08 23:09:08 +00:00
$v = trim ( $v );
if ( is_numeric ( $v ))
{
$temp [] = intval ( $v );
}
2008-12-21 11:07:58 +00:00
}
2009-08-08 23:09:08 +00:00
$value = implode ( ',' , array_unique ( $temp ));
2008-12-21 11:07:58 +00:00
}
else
{
$errNum = ERR_ARRAY_EXPECTED ;
}
2008-12-21 22:17:05 +00:00
break ;
2008-12-28 22:37:43 +00:00
case 2 : // Assumes we're processing a dual password field - array name for second value is one more than for first
$src2 = substr ( $src , 0 , - 1 ) . ( substr ( $src , - 1 , 1 ) + 1 );
if ( ! isset ( $sourceFields [ $src2 ]) || ( $sourceFields [ $src2 ] != $value ))
{
$errNum = ERR_PASSWORDS_DIFFERENT ;
}
break ;
2008-12-21 11:07:58 +00:00
default :
$errNum = ERR_CODE_ERROR ; // Pick up bad values
}
}
if ( ! $errNum )
{
if ( isset ( $defs [ 'dbClean' ]))
{
switch ( $defs [ 'dbClean' ])
{
case 'toDB' :
$value = $tp -> toDB ( $value );
break ;
case 'intval' :
$value = intval ( $value );
break ;
2008-12-28 22:37:43 +00:00
case 'avatar' : // Special case of an image - may be found in the avatars directory
if ( preg_match ( '#[0-9\._]#' , $value ))
{
if ( strpos ( '-upload-' , $value ) === 0 )
{
2013-04-19 22:50:41 -07:00
$img = e_AVATAR_UPLOAD . str_replace ( '-upload-' , '' , $value ); // Its a user-uploaded image
2008-12-28 22:37:43 +00:00
}
2015-08-22 00:15:05 -07:00
elseif ( strpos ( $value , '//' ) !== false )
2008-12-28 22:37:43 +00:00
{
$img = $value ; // Its a remote image
}
2011-03-14 20:54:56 +00:00
else
{
2013-04-19 22:50:41 -07:00
$img = e_AVATAR_DEFAULT . $value ; // Its a server-stored image
2011-03-14 20:54:56 +00:00
}
2008-12-28 22:37:43 +00:00
}
// Deliberately fall through into normal image processing
case 'image' : // File is an image name. $img may be set if we fall through from 'avatar' option - its the 'true' path to the image
if ( ! isset ( $img ) && isset ( $defs [ 'imagePath' ]))
{
$img = $defs [ 'imagePath' ] . $value ;
}
$img = varset ( $img , $value );
2013-04-19 22:50:41 -07:00
//XXX There should be no size limits - as image sizes are handled by thumb.php
2008-12-28 22:37:43 +00:00
if ( $size = getimagesize ( $img ))
{
// echo "Image {$img} size: {$size[0]} x {$size[1]}<br />";
if ( isset ( $defs [ 'maxWidth' ]) && $size [ 0 ] > $defs [ 'maxWidth' ])
{ // Image too wide
2013-04-19 22:50:41 -07:00
// $errNum = ERR_IMAGE_TOO_WIDE;
2008-12-28 22:37:43 +00:00
}
if ( isset ( $defs [ 'maxHeight' ]) && $size [ 1 ] > $defs [ 'maxHeight' ])
{ // Image too high
2013-04-19 22:50:41 -07:00
// $errNum = ERR_IMAGE_TOO_HIGH;
2008-12-28 22:37:43 +00:00
}
}
else
{
// echo "Image {$img} not found or cannot size - original value {$value}<br />";
}
unset ( $img );
break ;
2008-12-21 11:07:58 +00:00
default :
echo " Invalid dbClean method: { $defs [ 'dbClean' ] } <br /> " ; // Debug message
}
}
2009-01-11 21:06:52 +00:00
$ret [ 'data' ][ $dest ] = $value ; // Success!!
2008-12-21 11:07:58 +00:00
}
}
if ( $errNum )
{ // error to report
$ret [ 'errors' ][ $dest ] = $errNum ;
2008-12-28 22:37:43 +00:00
if ( $defs [ 'dataType' ] == 2 )
{
$ret [ 'failed' ][ $dest ] = str_repeat ( '*' , strlen ( $sourceFields [ $src ])); // Save value with error - obfuscated
}
else
{
$ret [ 'failed' ][ $dest ] = $sourceFields [ $src ]; // Save value with error
}
2008-12-21 11:07:58 +00:00
}
}
return $ret ;
}
/*
// Validate data against a DB table
// Inspects the passed array of user data (not necessarily containing all possible fields) and validates against the DB where appropriate.
// Just skips over fields for which we don't have a validation routine without an error
2009-01-11 21:06:52 +00:00
// The target array is as returned from validateFields(), so has 'data', 'failed' and 'errors' first-level sub-arrays
2008-12-21 11:07:58 +00:00
// All the 'vetting methods' begin 'vet', and don't overlap with validateFields(), so the same definition array may be used for both
// Similarly, error numbers don't overlap with validateFields()
// Typically checks for unacceptable duplicates, banned users etc
// Any errors are reflected by updating the passed array.
// Returns TRUE if all data validates, FALSE if any field fails to validate. Checks all fields which are present, regardless
// For some things we need to know the user_id of the data being validated, so may return an error if that isn't specified
Parameters :
'vetMethod' - see list below . To use more than one method , specify comma - separated
'vetParam' - possible parameter for some vet methods
Valid 'vetMethod' values ( use comma separated list for multiple vetting ) :
0 - Null method
1 - Check for duplicates - field name in table must be the same as array index unless 'dbFieldName' specifies otherwise
2 - Check against the comma - separated wordlist in the $pref named in vetParam [ 'signup_disallow_text' ]
2008-12-21 22:17:05 +00:00
3 - Check email address against remote server , only if option enabled
2008-12-30 14:05:44 +00:00
2008-12-21 11:07:58 +00:00
*/
2012-01-13 13:06:11 +00:00
public static function dbValidateArray ( & $targetData , & $definitions , $targetTable , $userID = 0 )
2008-12-21 11:07:58 +00:00
{
global $pref ;
$u_sql = new db ;
$allOK = TRUE ;
$userID = intval ( $userID ); // Precautionary
2009-10-06 18:58:08 +00:00
$errMsg = '' ;
2008-12-21 11:07:58 +00:00
if ( ! $targetTable ) return FALSE ;
2009-01-11 21:06:52 +00:00
foreach ( $targetData [ 'data' ] as $f => $v )
2008-12-21 11:07:58 +00:00
{
$errMsg = '' ;
if ( isset ( $definitions [ $f ]))
{
$options = $definitions [ $f ]; // Validation options to use
2015-02-14 23:34:15 -08:00
if ( ! vartrue ( $options [ 'fieldOptional' ]) || ( $v != '' ))
2008-12-21 11:07:58 +00:00
{
$toDo = explode ( ',' , $options [ 'vetMethod' ]);
foreach ( $toDo as $vm )
{
switch ( $vm )
{
case 0 : // Shouldn't get this - just do nothing if we do
break ;
2008-12-30 14:05:44 +00:00
case 1 : // Check for duplicates.
2008-12-21 11:07:58 +00:00
if ( $v == '' )
{
$errMsg = ERR_MISSING_VALUE ;
break ;
}
$field = varset ( $options [ 'dbFieldName' ], $f );
2017-09-19 16:19:39 -07:00
if ( $temp = $u_sql -> count ( $targetTable , " (*) " , " WHERE ` { $f } `=' " . filter_var ( $v , FILTER_SANITIZE_STRING ) . " ' AND `user_id` != " . $userID ))
2008-12-21 11:07:58 +00:00
{
$errMsg = ERR_DUPLICATE ;
}
// echo "Duplicate check: {$f} = {$v} Result: {$temp}<br />";
break ;
case 2 : // Check against $pref
if ( isset ( $options [ 'vetParam' ]) && isset ( $pref [ $options [ 'vetParam' ]]))
{
$tmp = explode ( " , " , $pref [ $options [ 'vetParam' ]]);
foreach ( $tmp as $disallow )
2012-01-13 13:15:23 +00:00
{
if ( '!' == substr ( trim ( $disallow ), - 1 ) && $v == str_replace ( '!' , '' , $disallow ))
{ // Exact match search (noticed with exclamation mark in the end of the word)
$errMsg = ERR_DISALLOWED_TEXT_EXACT_MATCH ;
2012-01-13 13:06:11 +00:00
}
2012-01-13 13:15:23 +00:00
elseif ( stristr ( $v , trim ( $disallow )))
2012-01-13 13:06:11 +00:00
{ // Wild card search
2012-01-13 13:15:23 +00:00
$errMsg = ERR_DISALLOWED_TEXT ;
2008-12-21 11:07:58 +00:00
}
}
unset ( $tmp );
}
break ;
2008-12-21 22:17:05 +00:00
case 3 : // Check email address against remote server
2015-08-21 12:53:09 -07:00
/* if ( vartrue ( $pref [ 'signup_remote_emailcheck' ]))
2008-12-21 22:17:05 +00:00
{
require_once ( e_HANDLER . " mail_validation_class.php " );
list ( $adminuser , $adminhost ) = split ( " @ " , SITEADMINEMAIL );
$validator = new email_validation_class ;
$validator -> localuser = $adminuser ;
$validator -> localhost = $adminhost ;
$validator -> timeout = 3 ;
// $validator->debug=1;
// $validator->html_debug=1;
if ( $validator -> ValidateEmailBox ( trim ( $v )) != 1 )
{
$errMsg = ERR_INVALID_EMAIL ;
}
}
2015-08-21 12:53:09 -07:00
*/
2008-12-21 22:17:05 +00:00
break ;
default :
echo 'Invalid vetMethod: ' . $options [ 'vetMethod' ] . '<br />' ; // Really a debug aid - should never get here
2008-12-21 11:07:58 +00:00
}
if ( $errMsg ) { break ; } // Just trap first error
}
// Add in other validation methods here
}
}
if ( $errMsg )
{ // Update the error
$targetData [ 'errors' ][ $f ] = $errMsg ;
$targetData [ 'failed' ][ $f ] = $v ;
2009-01-11 21:06:52 +00:00
unset ( $targetData [ 'data' ][ $f ]); // Remove the valid entry
2008-12-21 11:07:58 +00:00
$allOK = FALSE ;
}
}
return $allOK ;
}
// Given a comma-separated string of required fields, and an array of data, adds an error message for each field which doesn't already have an entry.
// Returns TRUE if no changes (which doesn't mean there are no errors - other routines may have found them). FALSE if new errors
2012-01-13 13:06:11 +00:00
public static function checkMandatory ( $fieldList , & $target )
2008-12-21 11:07:58 +00:00
{
$fields = explode ( ',' , $fieldList );
$allOK = TRUE ;
foreach ( $fields as $f )
{
2009-01-11 21:06:52 +00:00
if ( ! isset ( $target [ 'data' ][ $f ]) && ! isset ( $target [ 'errors' ][ $f ]))
2008-12-21 11:07:58 +00:00
{
$allOK = FALSE ;
$targetData [ 'errors' ][ $f ] = ERR_MISSING_VALUE ;
}
}
return $allOK ;
}
2008-12-30 14:05:44 +00:00
2009-01-11 21:06:52 +00:00
// Adds the _FIELD_TYPES array to the data, ready for saving in the DB.
// $fieldList is the standard definition array
2012-01-13 13:06:11 +00:00
public static function addFieldTypes ( $fieldList , & $target , $auxList = FALSE )
2009-01-11 21:06:52 +00:00
{
$target [ '_FIELD_TYPES' ] = array (); // We should always want to recreate the array, even if it exists
foreach ( $target [ 'data' ] as $k => $v )
{
if ( isset ( $fieldList [ $k ]) && isset ( $fieldList [ $k ][ 'fieldType' ]))
{
$target [ '_FIELD_TYPES' ][ $k ] = $fieldList [ $k ][ 'fieldType' ];
}
2009-01-11 22:11:19 +00:00
elseif ( is_array ( $auxList ) && isset ( $auxList [ $k ]))
{
$target [ '_FIELD_TYPES' ][ $k ] = $auxList [ $k ];
}
2009-01-11 21:06:52 +00:00
}
}
2008-12-21 11:07:58 +00:00
// Given two arrays, returns an array of those elements in $input which are different from the corresponding element in $refs.
// If $addMissing == TRUE, includes any element in $input for which there isn't a corresponding element in $refs
2012-01-13 13:06:11 +00:00
public static function findChanges ( & $input , & $refs , $addMissing = FALSE )
2008-12-21 11:07:58 +00:00
{
$ret = array ();
foreach ( $input as $k => $v )
{
2009-06-12 20:41:35 +00:00
if ( array_key_exists ( $k , $refs ))
2008-12-21 11:07:58 +00:00
{
if ( $refs [ $k ] != $v ) { $ret [ $k ] = $v ; }
}
else
{
if ( $addMissing ) { $ret [ $k ] = $v ; }
}
}
return $ret ;
}
// Given a vetted array of variables, generates a list of errors using the specified format string.
// %n is the error number (as stored on the array)
// %t is the corresponding error message, made by concatenating $constPrefix and the error number to form a constant (e.g. $constPrefix = 'USER_ERROR_')
// %v calls up the entered value
// %f is the field name
// %x is the 'nice name' - possible if parameter list passed. Otherwise field name added
// $EOL is inserted after all messages except the last.
// If $EOL is an empty string, returns an array of messages.
2012-01-13 13:06:11 +00:00
public static function makeErrorList ( $vars , $constPrefix , $format = '%n - %x %t: %v' , $EOL = '<br />' , $niceNames = NULL )
2008-12-21 11:07:58 +00:00
{
if ( count ( $vars [ 'errors' ]) == 0 ) return '' ;
$eList = array ();
$checkNice = ( $niceNames != NULL ) && is_array ( $niceNames );
foreach ( $vars [ 'errors' ] as $f => $n )
{
$curLine = $format ;
$curLine = str_replace ( '%n' , $n , $curLine );
2008-12-21 22:17:05 +00:00
if (( $n == ERR_GENERIC ) && isset ( $vars [ 'errortext' ][ $f ]))
{
$curLine = str_replace ( '%t' , $vars [ 'errortext' ][ $f ], $curLine ); // Coder-defined specific error text
}
else
{
$curLine = str_replace ( '%t' , constant ( $constPrefix . $n ), $curLine ); // Standard messages
}
2012-06-02 14:36:22 +00:00
if ( empty ( $vars [ 'failed' ][ $f ]))
{
$vars [ 'failed' ][ $f ] = LAN_VALIDATE_191 ;
2015-05-24 12:12:24 -07:00
// print_a($vars['failed']);
2012-06-02 14:36:22 +00:00
}
2012-08-10 09:13:01 +00:00
$curLine = str_replace ( '%v' , filter_var ( $vars [ 'failed' ][ $f ], FILTER_SANITIZE_SPECIAL_CHARS ), $curLine );
2008-12-21 11:07:58 +00:00
$curLine = str_replace ( '%f' , $f , $curLine );
if ( $checkNice & isset ( $niceNames [ $f ][ 'niceName' ]))
{
$curLine = str_replace ( '%x' , $niceNames [ $f ][ 'niceName' ], $curLine );
}
else
{
$curLine = str_replace ( '%x' , $f , $curLine ); // Just use the field name
}
$eList [] = $curLine ;
}
if ( $EOL == '' ) return $eList ;
return implode ( $EOL , $eList );
}
}