PageRenderTime 24ms CodeModel.GetById 15ms RepoModel.GetById 0ms app.codeStats 0ms

/application/libraries/Validation.php

http://github.com/ushahidi/Ushahidi_Web
PHP | 859 lines | 481 code | 122 blank | 256 comment | 68 complexity | 33dbd788aa7ff72828bc9c589dd806a2 MD5 | raw file
Possible License(s): LGPL-2.1 
    

  1. <?php defined('SYSPATH') or die('No direct script access.');
    2. 

  2. /**
    3. 

  3.  * Validation library.
    4. 

  4.  *
    5. 

  5.  * $Id: Validation.php 3127 2008-07-16 14:43:52Z Shadowhand $
    6. 

  6.  *
    7. 

  7.  * @package    Validation
    8. 

  8.  * @author     Kohana Team
    9. 

  9.  * @copyright  (c) 2007-2008 Kohana Team
    10. 

  10.  * @license    http://kohanaphp.com/license.html
    11. 

  11.  */
    12. 

  12. class Validation_Core extends ArrayObject {
    13. 

  13. 

  14. 	// Unique "any field" key
    15. 

  15. 	protected $any_field;
    16. 

  16. 

  17. 	// Array fields
    18. 

  18. 	protected $array_fields = array();
    19. 

  19. 

  20. 	// Filters
    21. 

  21. 	protected $pre_filters = array();
    22. 

  22. 	protected $post_filters = array();
    23. 

  23. 

  24. 	// Rules and callbacks
    25. 

  25. 	protected $rules = array();
    26. 

  26. 	protected $callbacks = array();
    27. 

  27. 

  28. 	// Rules that are allowed to run on empty fields
    29. 

  29. 	protected $empty_rules = array('required', 'matches');
    30. 

  30. 

  31. 	// Errors
    32. 

  32. 	protected $errors = array();
    33. 

  33. 	protected $error_message_args = array();
    34. 

  34. 	protected $messages = array();
    35. 

  35. 

  36. 	// Checks if there is data to validate.
    37. 

  37. 	protected $submitted;
    38. 

  38. 

  39. 	/**
    40. 

  40. 	 * Whether CSRF validation has succeeded
    41. 

  41. 	 * @var bool
    42. 

  42. 	 */
    43. 

  43. 	protected $csrf_validation_failed = FALSE;
    44. 

  44. 

  45. 	public static $is_api_request = FALSE;
    46. 

  46. 

  47. 	/**
    48. 

  48. 	 * Creates a new Validation instance.
    49. 

  49. 	 *
    50. 

  50. 	 * @param   array   array to use for validation
    51. 

  51. 	 * @return  object
    52. 

  52. 	 */
    53. 

  53. 	public static function factory($array = NULL)
    54. 

  54. 	{
    55. 

  55. 		return new Validation( ! is_array($array) ? $_POST : $array);
    56. 

  56. 	}
    57. 

  57. 

  58. 	/**
    59. 

  59. 	 * Sets the unique "any field" key and creates an ArrayObject from the
    60. 

  60. 	 * passed array.
    61. 

  61. 	 *
    62. 

  62. 	 * @param   array   array to validate
    63. 

  63. 	 * @return  void
    64. 

  64. 	 */
    65. 

  65. 	public function __construct(array $array)
    66. 

  66. 	{
    67. 

  67. 		// Set a dynamic, unique "any field" key
    68. 

  68. 		$this->any_field = uniqid(NULL, TRUE);
    69. 

  69. 

  70. 		// Test if there is any actual data
    71. 

  71. 		$this->submitted = (count($array) > 0);
    72. 

  72. 

  73. 		parent::__construct($array, ArrayObject::ARRAY_AS_PROPS | ArrayObject::STD_PROP_LIST);
    74. 

  74. 	}
    75. 

  75. 

  76. 	/**
    77. 

  77. 	 * Test if the data has been submitted.
    78. 

  78. 	 *
    79. 

  79. 	 * @return  boolean
    80. 

  80. 	 */
    81. 

  81. 	public function submitted($value = NULL)
    82. 

  82. 	{
    83. 

  83. 		if (is_bool($value))
    84. 

  84. 		{
    85. 

  85. 			$this->submitted = $value;
    86. 

  86. 		}
    87. 

  87. 

  88. 		return $this->submitted;
    89. 

  89. 	}
    90. 

  90. 

  91. 	/**
    92. 

  92. 	 * Returns the ArrayObject values.
    93. 

  93. 	 *
    94. 

  94. 	 * @return  array
    95. 

  95. 	 */
    96. 

  96. 	public function as_array()
    97. 

  97. 	{
    98. 

  98. 		return $this->getArrayCopy();
    99. 

  99. 	}
    100. 

  100. 

  101. 	/**
    102. 

  102. 	 * Returns the ArrayObject values, removing all inputs without rules.
    103. 

  103. 	 * To choose specific inputs, list the field name as arguments.
    104. 

  104. 	 *
    105. 

  105. 	 * @return  array
    106. 

  106. 	 */
    107. 

  107. 	public function safe_array()
    108. 

  108. 	{
    109. 

  109. 		// All the fields that are being validated
    110. 

  110. 		$all_fields = array_unique(array_merge
    111. 

  111. 		(
    112. 

  112. 			array_keys($this->pre_filters),
    113. 

  113. 			array_keys($this->rules),
    114. 

  114. 			array_keys($this->callbacks),
    115. 

  115. 			array_keys($this->post_filters)
    116. 

  116. 		));
    117. 

  117. 

  118. 		// Load choices
    119. 

  119. 		$choices = func_get_args();
    120. 

  120. 		$choices = empty($choices) ? NULL : array_combine($choices, $choices);
    121. 

  121. 

  122. 		$safe = array();
    123. 

  123. 		foreach ($all_fields as $i => $field)
    124. 

  124. 		{
    125. 

  125. 			// Ignore "any field" key
    126. 

  126. 			if ($field === $this->any_field) continue;
    127. 

  127. 

  128. 			if (isset($this->array_fields[$field]))
    129. 

  129. 			{
    130. 

  130. 				// Use the key field
    131. 

  131. 				$field = $this->array_fields[$field];
    132. 

  132. 			}
    133. 

  133. 

  134. 			if ($choices === NULL OR isset($choices[$field]))
    135. 

  135. 			{
    136. 

  136. 				// Make sure all fields are defined
    137. 

  137. 				$safe[$field] = isset($this[$field]) ? $this[$field] : NULL;
    138. 

  138. 			}
    139. 

  139. 		}
    140. 

  140. 

  141. 		return $safe;
    142. 

  142. 	}
    143. 

  143. 

  144. 	/**
    145. 

  145. 	 * Add additional rules that will forced, even for empty fields. All arguments
    146. 

  146. 	 * passed will be appended to the list.
    147. 

  147. 	 *
    148. 

  148. 	 * @chainable
    149. 

  149. 	 * @param   string   rule name
    150. 

  150. 	 * @return  object
    151. 

  151. 	 */
    152. 

  152. 	public function allow_empty_rules($rules)
    153. 

  153. 	{
    154. 

  154. 		// Any number of args are supported
    155. 

  155. 		$rules = func_get_args();
    156. 

  156. 

  157. 		// Merge the allowed rules
    158. 

  158. 		$this->empty_rules = array_merge($this->empty_rules, $rules);
    159. 

  159. 

  160. 		return $this;
    161. 

  161. 	}
    162. 

  162. 

  163. 	/**
    164. 

  164. 	 * Add a pre-filter to one or more inputs.
    165. 

  165. 	 *
    166. 

  166. 	 * @chainable
    167. 

  167. 	 * @param   callback  filter
    168. 

  168. 	 * @param   string    fields to apply filter to, use TRUE for all fields
    169. 

  169. 	 * @return  object
    170. 

  170. 	 */
    171. 

  171. 	public function pre_filter($filter, $field = TRUE)
    172. 

  172. 	{
    173. 

  173. 		if ( ! is_callable($filter))
    174. 

  174. 			throw new Kohana_Exception('validation.filter_not_callable');
    175. 

  175. 

  176. 		$filter = (is_string($filter) AND strpos($filter, '::') !== FALSE) ? explode('::', $filter) : $filter;
    177. 

  177. 

  178. 		if ($field === TRUE)
    179. 

  179. 		{
    180. 

  180. 			// Handle "any field" filters
    181. 

  181. 			$fields = array($this->any_field);
    182. 

  182. 		}
    183. 

  183. 		else
    184. 

  184. 		{
    185. 

  185. 			// Add the filter to specific inputs
    186. 

  186. 			$fields = func_get_args();
    187. 

  187. 			$fields = array_slice($fields, 1);
    188. 

  188. 		}
    189. 

  189. 

  190. 		foreach ($fields as $field)
    191. 

  191. 		{
    192. 

  192. 			if (strpos($field, '.') > 0)
    193. 

  193. 			{
    194. 

  194. 				// Field keys
    195. 

  195. 				$keys = explode('.', $field);
    196. 

  196. 

  197. 				// Add to array fields
    198. 

  198. 				$this->array_fields[$field] = $keys[0];
    199. 

  199. 			}
    200. 

  200. 

  201. 			// Add the filter to specified field
    202. 

  202. 			$this->pre_filters[$field][] = $filter;
    203. 

  203. 		}
    204. 

  204. 

  205. 		return $this;
    206. 

  206. 	}
    207. 

  207. 

  208. 	/**
    209. 

  209. 	 * Add a post-filter to one or more inputs.
    210. 

  210. 	 *
    211. 

  211. 	 * @chainable
    212. 

  212. 	 * @param   callback  filter
    213. 

  213. 	 * @param   string    fields to apply filter to, use TRUE for all fields
    214. 

  214. 	 * @return  object
    215. 

  215. 	 */
    216. 

  216. 	public function post_filter($filter, $field = TRUE)
    217. 

  217. 	{
    218. 

  218. 		if ( ! is_callable($filter, TRUE))
    219. 

  219. 			throw new Kohana_Exception('validation.filter_not_callable');
    220. 

  220. 

  221. 		$filter = (is_string($filter) AND strpos($filter, '::') !== FALSE) ? explode('::', $filter) : $filter;
    222. 

  222. 

  223. 		if ($field === TRUE)
    224. 

  224. 		{
    225. 

  225. 			// Handle "any field" filters
    226. 

  226. 			$fields = array($this->any_field);
    227. 

  227. 		}
    228. 

  228. 		else
    229. 

  229. 		{
    230. 

  230. 			// Add the filter to specific inputs
    231. 

  231. 			$fields = func_get_args();
    232. 

  232. 			$fields = array_slice($fields, 1);
    233. 

  233. 		}
    234. 

  234. 

  235. 		foreach ($fields as $field)
    236. 

  236. 		{
    237. 

  237. 			if (strpos($field, '.') > 0)
    238. 

  238. 			{
    239. 

  239. 				// Field keys
    240. 

  240. 				$keys = explode('.', $field);
    241. 

  241. 

  242. 				// Add to array fields
    243. 

  243. 				$this->array_fields[$field] = $keys[0];
    244. 

  244. 			}
    245. 

  245. 

  246. 			// Add the filter to specified field
    247. 

  247. 			$this->post_filters[$field][] = $filter;
    248. 

  248. 		}
    249. 

  249. 

  250. 		return $this;
    251. 

  251. 	}
    252. 

  252. 

  253. 	/**
    254. 

  254. 	 * Add rules to a field. Rules are callbacks or validation methods. Rules can
    255. 

  255. 	 * only return TRUE or FALSE.
    256. 

  256. 	 *
    257. 

  257. 	 * @chainable
    258. 

  258. 	 * @param   string    field name
    259. 

  259. 	 * @param   callback  rules (unlimited number)
    260. 

  260. 	 * @return  object
    261. 

  261. 	 */
    262. 

  262. 	public function add_rules($field, $rules)
    263. 

  263. 	{
    264. 

  264. 		// Handle "any field" filters
    265. 

  265. 		($field === TRUE) and $field = $this->any_field;
    266. 

  266. 

  267. 		// Get the rules
    268. 

  268. 		$rules = func_get_args();
    269. 

  269. 		$rules = array_slice($rules, 1);
    270. 

  270. 

  271. 		foreach ($rules as $rule)
    272. 

  272. 		{
    273. 

  273. 			// Rule arguments
    274. 

  274. 			$args = NULL;
    275. 

  275. 

  276. 			if (is_string($rule))
    277. 

  277. 			{
    278. 

  278. 				if (preg_match('/^([^\[]++)\[(.+)\]$/', $rule, $matches))
    279. 

  279. 				{
    280. 

  280. 					// Split the rule into the function and args
    281. 

  281. 					$rule = $matches[1];
    282. 

  282. 					$args = preg_split('/(?<!\\\\),\s*/', $matches[2]);
    283. 

  283. 

  284. 					// Replace escaped comma with comma
    285. 

  285. 					$args = str_replace('\,', ',', $args);
    286. 

  286. 				}
    287. 

  287. 

  288. 				if (method_exists($this, $rule))
    289. 

  289. 				{
    290. 

  290. 					// Make the rule a valid callback
    291. 

  291. 					$rule = array($this, $rule);
    292. 

  292. 				}
    293. 

  293. 				elseif (method_exists('valid', $rule))
    294. 

  294. 				{
    295. 

  295. 					// Make the rule a callback for the valid:: helper
    296. 

  296. 					$rule = array('valid', $rule);
    297. 

  297. 				}
    298. 

  298. 			}
    299. 

  299. 

  300. 			if ( ! is_callable($rule, TRUE))
    301. 

  301. 				throw new Kohana_Exception('validation.rule_not_callable');
    302. 

  302. 

  303. 			$rule = (is_string($rule) AND strpos($rule, '::') !== FALSE) ? explode('::', $rule) : $rule;
    304. 

  304. 

  305. 			if (strpos($field, '.') > 0)
    306. 

  306. 			{
    307. 

  307. 				// Field keys
    308. 

  308. 				$keys = explode('.', $field);
    309. 

  309. 

  310. 				// Add to array fields
    311. 

  311. 				$this->array_fields[$field] = $keys[0];
    312. 

  312. 			}
    313. 

  313. 

  314. 			// Add the rule to specified field
    315. 

  315. 			$this->rules[$field][] = array($rule, $args);
    316. 

  316. 		}
    317. 

  317. 

  318. 		return $this;
    319. 

  319. 	}
    320. 

  320. 

  321. 	/**
    322. 

  322. 	 * Add callbacks to a field. Callbacks must accept the Validation object
    323. 

  323. 	 * and the input name. Callback returns are not processed.
    324. 

  324. 	 *
    325. 

  325. 	 * @chainable
    326. 

  326. 	 * @param   string     field name
    327. 

  327. 	 * @param   callbacks  callbacks (unlimited number)
    328. 

  328. 	 * @return  object
    329. 

  329. 	 */
    330. 

  330. 	public function add_callbacks($field, $callbacks)
    331. 

  331. 	{
    332. 

  332. 		// Handle "any field" filters
    333. 

  333. 		($field === TRUE) and $field = $this->any_field;
    334. 

  334. 

  335. 		if (func_get_args() > 2)
    336. 

  336. 		{
    337. 

  337. 			// Multiple callback
    338. 

  338. 			$callbacks = array_slice(func_get_args(), 1);
    339. 

  339. 		}
    340. 

  340. 		else
    341. 

  341. 		{
    342. 

  342. 			// Only one callback
    343. 

  343. 			$callbacks = array($callbacks);
    344. 

  344. 		}
    345. 

  345. 

  346. 		foreach ($callbacks as $callback)
    347. 

  347. 		{
    348. 

  348. 			if ( ! is_callable($callback, TRUE))
    349. 

  349. 				throw new Kohana_Exception('validation.callback_not_callable');
    350. 

  350. 

  351. 			$callback = (is_string($callback) AND strpos($callback, '::') !== FALSE) ? explode('::', $callback) : $callback;
    352. 

  352. 

  353. 			if (strpos($field, '.') > 0)
    354. 

  354. 			{
    355. 

  355. 				// Field keys
    356. 

  356. 				$keys = explode('.', $field);
    357. 

  357. 

  358. 				// Add to array fields
    359. 

  359. 				$this->array_fields[$field] = $keys[0];
    360. 

  360. 			}
    361. 

  361. 

  362. 			// Add the callback to specified field
    363. 

  363. 			$this->callbacks[$field][] = $callback;
    364. 

  364. 		}
    365. 

  365. 

  366. 		return $this;
    367. 

  367. 	}
    368. 

  368. 

  369. 	/**
    370. 

  370. 	 * Validate by processing pre-filters, rules, callbacks, and post-filters.
    371. 

  371. 	 * All fields that have filters, rules, or callbacks will be initialized if
    372. 

  372. 	 * they are undefined. Validation will only be run if there is data already
    373. 

  373. 	 * in the array.
    374. 

  374. 	 *
    375. 

  375. 	 * @param bool $validate_csrf When TRUE, performs CSRF token validation
    376. 

  376. 	 * @return bool
    377. 

  377. 	 */
    378. 

  378. 	public function validate($validate_csrf = TRUE)
    379. 

  379. 	{
    380. 

  380. 		// CSRF token field
    381. 

  381. 		$csrf_token_key = 'form_auth_token';
    382. 

  382. 

  383. 		if (array_key_exists($csrf_token_key, $this))
    384. 

  384. 		{
    385. 

  385. 			unset ($this[$csrf_token_key]);
    386. 

  386. 		}
    387. 

  387. 

  388. 		// Delete the CSRF token field if it's in the validation
    389. 

  389. 		// rules
    390. 

  390. 		if (array_key_exists($csrf_token_key, $this->callbacks))
    391. 

  391. 		{
    392. 

  392. 			unset ($this->callbacks[$csrf_token_key]);
    393. 

  393. 		}
    394. 

  394. 		elseif (array_key_exists($csrf_token_key, $this->rules))
    395. 

  395. 		{
    396. 

  396. 			unset ($this->rules[$csrf_token_key]);
    397. 

  397. 		}
    398. 

  398. 

  399. 		// Disable CSRF for XHR
    400. 

  400. 		// Same method as django CSRF protection: 
    401. 

  401. 		//     http://michael-coates.blogspot.co.nz/2010/12/djangos-built-in-csrf-defense-for-ajax.html
    402. 

  402. 		if (request::is_ajax())
    403. 

  403. 		{
    404. 

  404. 			$validate_csrf = FALSE;
    405. 

  405. 		}
    406. 

  406. 

  407. 		// Perform CSRF validation for all HTTP POST requests
    408. 

  408. 		// where CSRF validation is enabled and the request
    409. 

  409. 		// was not submitted via the API
    410. 

  410. 		if ($_POST AND $validate_csrf AND ! Validation::$is_api_request)
    411. 

  411. 		{
    412. 

  412. 			// Check if CSRF module is loaded
    413. 

  413. 			if (in_array(MODPATH.'csrf', Kohana::config('config.modules')))
    414. 

  414. 			{
    415. 

  415. 				// Check for presence of CSRF token in HTTP POST payload
    416. 

  416. 				$form_auth_token = (isset($_POST[$csrf_token_key]))
    417. 

  417. 				    ? $_POST[$csrf_token_key]
    418. 

  418. 

  419. 					    // Generate invalid token
    420. 

  420. 				    : text::random('alnum', 10);
    421. 

  421. 				
    422. 

  422. 				// Validate the token
    423. 

  423. 				if ( ! csrf::valid($form_auth_token))
    424. 

  424. 				{
    425. 

  425. 					Kohana::log('debug', 'Invalid CSRF token: '.$form_auth_token);
    426. 

  426. 					Kohana::log('debug', 'Actual CSRF token: '.csrf::token());
    427. 

  427. 					// Flag CSRF validation as having failed
    428. 

  428. 					$this->csrf_validation_failed = TRUE;
    429. 

  429. 

  430. 					// Set the error message
    431. 

  431. 					$this->errors[$csrf_token_key] = Kohana::lang('csrf.form_auth_token.error');
    432. 

  432. 

  433. 					return FALSE;
    434. 

  434. 				}
    435. 

  435. 			}
    436. 

  436. 		}
    437. 

  437. 

  438. 		// All the fields that are being validated
    439. 

  439. 		$all_fields = array_unique(array_merge
    440. 

  440. 		(
    441. 

  441. 			array_keys($this->pre_filters),
    442. 

  442. 			array_keys($this->rules),
    443. 

  443. 			array_keys($this->callbacks),
    444. 

  444. 			array_keys($this->post_filters)
    445. 

  445. 		));
    446. 

  446. 

  447. 		// Copy the array from the object, to optimize multiple sets
    448. 

  448. 		$object_array = $this->getArrayCopy();
    449. 

  449. 

  450. 		foreach ($all_fields as $i => $field)
    451. 

  451. 		{
    452. 

  452. 			if ($field === $this->any_field)
    453. 

  453. 			{
    454. 

  454. 				// Remove "any field" from the list of fields
    455. 

  455. 				unset($all_fields[$i]);
    456. 

  456. 				continue;
    457. 

  457. 			}
    458. 

  458. 

  459. 			if (substr($field, -2) === '.*')
    460. 

  460. 			{
    461. 

  461. 				// Set the key to be an array
    462. 

  462. 				Kohana::key_string_set($object_array, substr($field, 0, -2), array());
    463. 

  463. 			}
    464. 

  464. 			else
    465. 

  465. 			{
    466. 

  466. 				// Set the key to be NULL
    467. 

  467. 				Kohana::key_string_set($object_array, $field, NULL);
    468. 

  468. 			}
    469. 

  469. 		}
    470. 

  470. 

  471. 		// Swap the array back into the object
    472. 

  472. 		$this->exchangeArray($object_array);
    473. 

  473. 

  474. 		// Reset all fields to ALL defined fields
    475. 

  475. 		$all_fields = array_keys($this->getArrayCopy());
    476. 

  476. 

  477. 		foreach ($this->pre_filters as $field => $calls)
    478. 

  478. 		{
    479. 

  479. 			foreach ($calls as $func)
    480. 

  480. 			{
    481. 

  481. 				if ($field === $this->any_field)
    482. 

  482. 				{
    483. 

  483. 					foreach ($all_fields as $f)
    484. 

  484. 					{
    485. 

  485. 						// Process each filter
    486. 

  486. 						$this[$f] = is_array($this[$f]) ? arr::map_recursive($func, $this[$f]) : call_user_func($func, $this[$f]);
    487. 

  487. 					}
    488. 

  488. 				}
    489. 

  489. 				else
    490. 

  490. 				{
    491. 

  491. 					// Process each filter
    492. 

  492. 					$this[$field] = is_array($this[$field]) ? arr::map_recursive($func, $this[$field]) : call_user_func($func, $this[$field]);
    493. 

  493. 				}
    494. 

  494. 			}
    495. 

  495. 		}
    496. 

  496. 

  497. 		if ($this->submitted === FALSE)
    498. 

  498. 			return FALSE;
    499. 

  499. 

  500. 		foreach ($this->rules as $field => $calls)
    501. 

  501. 		{
    502. 

  502. 			foreach ($calls as $call)
    503. 

  503. 			{
    504. 

  504. 				// Split the rule into function and args
    505. 

  505. 				list($func, $args) = $call;
    506. 

  506. 

  507. 				if ($field === $this->any_field)
    508. 

  508. 				{
    509. 

  509. 					foreach ($all_fields as $f)
    510. 

  510. 					{
    511. 

  511. 						if (isset($this->array_fields[$f]))
    512. 

  512. 						{
    513. 

  513. 							// Use the field key
    514. 

  514. 							$f_key = $this->array_fields[$f];
    515. 

  515. 

  516. 							// Prevent other rules from running when this field already has errors
    517. 

  517. 							if ( ! empty($this->errors[$f_key])) break;
    518. 

  518. 

  519. 							// Don't process rules on empty fields
    520. 

  520. 							if ( ! in_array($func[1], $this->empty_rules, TRUE) AND $this[$f_key] == NULL)
    521. 

  521. 								continue;
    522. 

  522. 

  523. 							foreach ($this[$f_key] as $k => $v)
    524. 

  524. 							{
    525. 

  525. 								if ( ! call_user_func($func, $this[$f_key][$k], $args))
    526. 

  526. 								{
    527. 

  527. 									// Run each rule
    528. 

  528. 									$this->errors[$f_key] = is_array($func) ? $func[1] : $func;
    529. 

  529. 								}
    530. 

  530. 							}
    531. 

  531. 						}
    532. 

  532. 						else
    533. 

  533. 						{
    534. 

  534. 							// Prevent other rules from running when this field already has errors
    535. 

  535. 							if ( ! empty($this->errors[$f])) break;
    536. 

  536. 

  537. 							// Don't process rules on empty fields
    538. 

  538. 							if ( ! in_array($func[1], $this->empty_rules, TRUE) AND $this[$f] == NULL)
    539. 

  539. 								continue;
    540. 

  540. 

  541. 							if ( ! call_user_func($func, $this[$f], $args))
    542. 

  542. 							{
    543. 

  543. 								// Run each rule
    544. 

  544. 								$this->errors[$f] = is_array($func) ? $func[1] : $func;
    545. 

  545. 							}
    546. 

  546. 						}
    547. 

  547. 					}
    548. 

  548. 				}
    549. 

  549. 				else
    550. 

  550. 				{
    551. 

  551. 					if (isset($this->array_fields[$field]))
    552. 

  552. 					{
    553. 

  553. 						// Use the field key
    554. 

  554. 						$field_key = $this->array_fields[$field];
    555. 

  555. 

  556. 						// Prevent other rules from running when this field already has errors
    557. 

  557. 						if ( ! empty($this->errors[$field_key])) break;
    558. 

  558. 

  559. 						// Don't process rules on empty fields
    560. 

  560. 						if ( ! in_array($func[1], $this->empty_rules, TRUE) AND $this[$field_key] == NULL)
    561. 

  561. 							continue;
    562. 

  562. 

  563. 						foreach ($this[$field_key] as $k => $val)
    564. 

  564. 						{
    565. 

  565. 							if ( ! call_user_func($func, $this[$field_key][$k], $args))
    566. 

  566. 							{
    567. 

  567. 								// Run each rule
    568. 

  568. 								$this->errors[$field_key] = is_array($func) ? $func[1] : $func;
    569. 

  569. 

  570. 								// Stop after an error is found
    571. 

  571. 								break 2;
    572. 

  572. 							}
    573. 

  573. 						}
    574. 

  574. 					}
    575. 

  575. 					else
    576. 

  576. 					{
    577. 

  577. 						// Prevent other rules from running when this field already has errors
    578. 

  578. 						if ( ! empty($this->errors[$field])) break;
    579. 

  579. 

  580. 						// Don't process rules on empty fields
    581. 

  581. 						if ( ! in_array($func[1], $this->empty_rules, TRUE) AND $this[$field] == NULL)
    582. 

  582. 							continue;
    583. 

  583. 

  584. 						if ( ! call_user_func($func, $this[$field], $args))
    585. 

  585. 						{
    586. 

  586. 							// Run each rule
    587. 

  587. 							$this->errors[$field] = is_array($func) ? $func[1] : $func;
    588. 

  588. 

  589. 							// Stop after an error is found
    590. 

  590. 							break;
    591. 

  591. 						}
    592. 

  592. 					}
    593. 

  593. 				}
    594. 

  594. 			}
    595. 

  595. 		}
    596. 

  596. 

  597. 		foreach ($this->callbacks as $field => $calls)
    598. 

  598. 		{
    599. 

  599. 			foreach ($calls as $func)
    600. 

  600. 			{
    601. 

  601. 				if ($field === $this->any_field)
    602. 

  602. 				{
    603. 

  603. 					foreach ($all_fields as $f)
    604. 

  604. 					{
    605. 

  605. 						// Execute the callback
    606. 

  606. 						call_user_func($func, $this, $f);
    607. 

  607. 

  608. 						// Stop after an error is found
    609. 

  609. 						if ( ! empty($errors[$f])) break 2;
    610. 

  610. 					}
    611. 

  611. 				}
    612. 

  612. 				else
    613. 

  613. 				{
    614. 

  614. 					// Execute the callback
    615. 

  615. 					call_user_func($func, $this, $field);
    616. 

  616. 

  617. 					// Stop after an error is found
    618. 

  618. 					if ( ! empty($errors[$field])) break;
    619. 

  619. 				}
    620. 

  620. 			}
    621. 

  621. 		}
    622. 

  622. 

  623. 		foreach ($this->post_filters as $field => $calls)
    624. 

  624. 		{
    625. 

  625. 			foreach ($calls as $func)
    626. 

  626. 			{
    627. 

  627. 				if ($field === $this->any_field)
    628. 

  628. 				{
    629. 

  629. 					foreach ($all_fields as $f)
    630. 

  630. 					{
    631. 

  631. 						if (isset($this->array_fields[$f]))
    632. 

  632. 						{
    633. 

  633. 							// Use the field key
    634. 

  634. 							$f = $this->array_fields[$f];
    635. 

  635. 						}
    636. 

  636. 

  637. 						// Process each filter
    638. 

  638. 						$this[$f] = is_array($this[$f]) ? array_map($func, $this[$f]) : call_user_func($func, $this[$f]);
    639. 

  639. 					}
    640. 

  640. 				}
    641. 

  641. 				else
    642. 

  642. 				{
    643. 

  643. 					if (isset($this->array_fields[$field]))
    644. 

  644. 					{
    645. 

  645. 						// Use the field key
    646. 

  646. 						$field = $this->array_fields[$field];
    647. 

  647. 					}
    648. 

  648. 

  649. 					// Process each filter
    650. 

  650. 					$this[$field] = is_array($this[$field]) ? array_map($func, $this[$field]) : call_user_func($func, $this[$field]);
    651. 

  651. 				}
    652. 

  652. 			}
    653. 

  653. 		}
    654. 

  654. 

  655. 		// Return TRUE if there are no errors
    656. 

  656. 		return (count($this->errors) === 0);
    657. 

  657. 	}
    658. 

  658. 

  659. 	/**
    660. 

  660. 	 * Add an error to an input.
    661. 

  661. 	 *
    662. 

  662. 	 * @chainable
    663. 

  663. 	 * @param   string  input name
    664. 

  664. 	 * @param   string  unique error name
    665. 

  665. 	 * @param   array   extra vars to pass to kohana::lang()
    666. 

  666. 	 * @return  object
    667. 

  667. 	 */
    668. 

  668. 	public function add_error($field, $name, $lang_vars = FALSE)
    669. 

  669. 	{
    670. 

  670. 		if (isset($this[$field]) OR $field == 'custom')
    671. 

  671. 		{
    672. 

  672. 			$this->errors[$field] = $name;
    673. 

  673. 			// Save error message vars
    674. 

  674. 			if ($lang_vars)
    675. 

  675. 			{
    676. 

  676. 				$this->error_message_args[$field] = $lang_vars;
    677. 

  677. 			}
    678. 

  678. 		}
    679. 

  679. 

  680. 		return $this;
    681. 

  681. 	}
    682. 

  682. 

  683. 	/**
    684. 

  684. 	 * Sets or returns the message for an input.
    685. 

  685. 	 *
    686. 

  686. 	 * @chainable
    687. 

  687. 	 * @param   string   input key
    688. 

  688. 	 * @param   string   message to set
    689. 

  689. 	 * @return  string|object
    690. 

  690. 	 */
    691. 

  691. 	public function message($input = NULL, $message = NULL)
    692. 

  692. 	{
    693. 

  693. 		if ($message === NULL)
    694. 

  694. 		{
    695. 

  695. 			if ($input === NULL)
    696. 

  696. 			{
    697. 

  697. 				$messages = array();
    698. 

  698. 				$keys     = array_keys($this->messages);
    699. 

  699. 

  700. 				foreach ($keys as $input)
    701. 

  701. 				{
    702. 

  702. 					$messages[] = $this->message($input);
    703. 

  703. 				}
    704. 

  704. 

  705. 				return implode("\n", $messages);
    706. 

  706. 			}
    707. 

  707. 

  708. 			// Return nothing if no message exists
    709. 

  709. 			if (empty($this->messages[$input]))
    710. 

  710. 				return '';
    711. 

  711. 

  712. 			// Return the HTML message string
    713. 

  713. 			return $this->messages[$input];
    714. 

  714. 		}
    715. 

  715. 		else
    716. 

  716. 		{
    717. 

  717. 			$this->messages[$input] = $message;
    718. 

  718. 		}
    719. 

  719. 

  720. 		return $this;
    721. 

  721. 	}
    722. 

  722. 

  723. 	/**
    724. 

  724. 	 * Return the errors array.
    725. 

  725. 	 *
    726. 

  726. 	 * @param   boolean  load errors from a lang file
    727. 

  727. 	 * @return  array
    728. 

  728. 	 */
    729. 

  729. 	public function errors($file = NULL)
    730. 

  730. 	{
    731. 

  731. 		if ($file === NULL)
    732. 

  732. 		{
    733. 

  733. 			return $this->errors;
    734. 

  734. 		}
    735. 

  735. 		else
    736. 

  736. 		{
    737. 

  737. 			$errors = array();
    738. 

  738. 			foreach ($this->errors as $input => $error)
    739. 

  739. 			{
    740. 

  740. 				// Key for this input error
    741. 

  741. 				$key = "$file.$input.$error";
    742. 

  742. 				
    743. 

  743. 				$message_vars = isset($this->error_message_args[$input]) ? $this->error_message_args[$input] : array();
    744. 

  744. 

  745. 				if (($errors[$input] = Kohana::lang($key, $message_vars)) === $key)
    746. 

  746. 				{
    747. 

  747. 					// Get the default error message.      Note: commented out by BH
    748. 

  748. 					//$errors[$input] = Kohana::lang("$file.$input.default");
    749. 

  749. 

  750. 					// Don't get the default message because we rarely set it. Pass the key since it will
    751. 

  751. 					//   provide more clues as to the problem than what we are currently providing. Also,
    752. 

  752. 					//   this allows "custom" inputs to pass through, bypassing localization by design
    753. 

  753. 					//$errors[$input] = $key;
    754. 

  754. 				}
    755. 

  755. 			}
    756. 

  756. 

  757. 			// CSRF validation errors MUST always be returned
    758. 

  758. 			if ($this->csrf_validation_failed)
    759. 

  759. 			{
    760. 

  760. 				$errors['form_auth_token'] = $this->errors['form_auth_token'];
    761. 

  761. 			}
    762. 

  762. 			return $errors;
    763. 

  763. 		}
    764. 

  764. 	}
    765. 

  765. 

  766. 	/**
    767. 

  767. 	 * Rule: required. Generates an error if the field has an empty value.
    768. 

  768. 	 *
    769. 

  769. 	 * @param   mixed   input value
    770. 

  770. 	 * @return  bool
    771. 

  771. 	 */
    772. 

  772. 	public function required($str)
    773. 

  773. 	{
    774. 

  774. 		return ! ($str === '' OR $str === NULL OR $str === FALSE OR (is_array($str) AND empty($str)));
    775. 

  775. 	}
    776. 

  776. 

  777. 	/**
    778. 

  778. 	 * Rule: matches. Generates an error if the field does not match one or more
    779. 

  779. 	 * other fields.
    780. 

  780. 	 *
    781. 

  781. 	 * @param   mixed   input value
    782. 

  782. 	 * @param   array   input names to match against
    783. 

  783. 	 * @return  bool
    784. 

  784. 	 */
    785. 

  785. 	public function matches($str, array $inputs)
    786. 

  786. 	{
    787. 

  787. 		foreach ($inputs as $key)
    788. 

  788. 		{
    789. 

  789. 			if ($str !== (isset($this[$key]) ? $this[$key] : NULL))
    790. 

  790. 				return FALSE;
    791. 

  791. 		}
    792. 

  792. 

  793. 		return TRUE;
    794. 

  794. 	}
    795. 

  795. 

  796. 	/**
    797. 

  797. 	 * Rule: length. Generates an error if the field is too long or too short.
    798. 

  798. 	 *
    799. 

  799. 	 * @param   mixed   input value
    800. 

  800. 	 * @param   array   minimum, maximum, or exact length to match
    801. 

  801. 	 * @return  bool
    802. 

  802. 	 */
    803. 

  803. 	public function length($str, array $length)
    804. 

  804. 	{
    805. 

  805. 		if ( ! is_string($str))
    806. 

  806. 			return FALSE;
    807. 

  807. 

  808. 		$size = utf8::strlen($str);
    809. 

  809. 		$status = FALSE;
    810. 

  810. 

  811. 		if (count($length) > 1)
    812. 

  812. 		{
    813. 

  813. 			list ($min, $max) = $length;
    814. 

  814. 

  815. 			if ($size >= $min AND $size <= $max)
    816. 

  816. 			{
    817. 

  817. 				$status = TRUE;
    818. 

  818. 			}
    819. 

  819. 		}
    820. 

  820. 		else
    821. 

  821. 		{
    822. 

  822. 			$status = ($size === (int) $length[0]);
    823. 

  823. 		}
    824. 

  824. 

  825. 		return $status;
    826. 

  826. 	}
    827. 

  827. 

  828. 	/**
    829. 

  829. 	 * Rule: depends_on. Generates an error if the field does not depend on one
    830. 

  830. 	 * or more other fields.
    831. 

  831. 	 *
    832. 

  832. 	 * @param   mixed   field name
    833. 

  833. 	 * @param   array   field names to check dependency
    834. 

  834. 	 * @return  bool
    835. 

  835. 	 */
    836. 

  836. 	public function depends_on($field, array $fields)
    837. 

  837. 	{
    838. 

  838. 		foreach ($fields as $depends_on)
    839. 

  839. 		{
    840. 

  840. 			if ( ! isset($this[$depends_on]) OR $this[$depends_on] == NULL)
    841. 

  841. 				return FALSE;
    842. 

  842. 		}
    843. 

  843. 

  844. 		return TRUE;
    845. 

  845. 	}
    846. 

  846. 

  847. 	/**
    848. 

  848. 	 * Rule: chars. Generates an error if the field contains characters outside of the list.
    849. 

  849. 	 *
    850. 

  850. 	 * @param   string  field value
    851. 

  851. 	 * @param   array   allowed characters
    852. 

  852. 	 * @return  bool
    853. 

  853. 	 */
    854. 

  854. 	public function chars($value, array $chars)
    855. 

  855. 	{
    856. 

  856. 		return ! preg_match('![^'.preg_quote(implode(',', $chars)).']!', $value);
    857. 

  857. 	}
    858. 

  858. 

  859. } // End Validation
    860. 

  860.