PageRenderTime 91ms CodeModel.GetById 30ms app.highlight 23ms RepoModel.GetById 17ms app.codeStats 1ms

/halogy/libraries/Validation.php

https://bitbucket.org/haloweb/halogy-1.0/
PHP | 875 lines | 403 code | 121 blank | 351 comment | 78 complexity | ddc03af713c1cb380c4556e756a04c54 MD5 | raw file
  1<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
  2/**
  3 * CodeIgniter
  4 *
  5 * An open source application development framework for PHP 4.3.2 or newer
  6 *
  7 * @package		CodeIgniter
  8 * @author		ExpressionEngine Dev Team
  9 * @copyright	Copyright (c) 2008 - 2009, EllisLab, Inc.
 10 * @license		http://codeigniter.com/user_guide/license.html
 11 * @link		http://codeigniter.com
 12 * @since		Version 1.0
 13 * @filesource
 14 */
 15
 16// ------------------------------------------------------------------------
 17
 18/**
 19 * Validation Class
 20 *
 21 * @package		CodeIgniter
 22 * @subpackage	Libraries
 23 * @category	Validation
 24 * @author		ExpressionEngine Dev Team
 25 * @link		http://codeigniter.com/user_guide/libraries/validation.html
 26 */
 27class CI_Validation {
 28	
 29	var $CI;
 30	var $error_string		= '';
 31	var $_error_array		= array();
 32	var $_rules				= array();
 33	var $_fields			= array();
 34	var $_error_messages	= array();
 35	var $_current_field  	= '';
 36	var $_safe_form_data 	= FALSE;
 37	var $_error_prefix		= '<p>';
 38	var $_error_suffix		= '</p>';
 39
 40	
 41
 42	/**
 43	 * Constructor
 44	 *
 45	 */	
 46	function CI_Validation()
 47	{	
 48		$this->CI =& get_instance();
 49		
 50		if (function_exists('mb_internal_encoding'))
 51		{
 52			mb_internal_encoding($this->CI->config->item('charset'));
 53		}
 54		
 55		log_message('debug', "Validation Class Initialized");
 56	}
 57	
 58	// --------------------------------------------------------------------
 59	
 60	/**
 61	 * Set Fields
 62	 *
 63	 * This function takes an array of field names as input
 64	 * and generates class variables with the same name, which will
 65	 * either be blank or contain the $_POST value corresponding to it
 66	 *
 67	 * @access	public
 68	 * @param	string
 69	 * @param	string
 70	 * @return	void
 71	 */
 72	function set_fields($data = '', $field = '')
 73	{	
 74		if ($data == '')
 75		{
 76			if (count($this->_fields) == 0)
 77			{
 78				return FALSE;
 79			}
 80		}
 81		else
 82		{
 83			if ( ! is_array($data))
 84			{
 85				$data = array($data => $field);
 86			}
 87			
 88			if (count($data) > 0)
 89			{
 90				$this->_fields = $data;
 91			}
 92		}		
 93			
 94		foreach($this->_fields as $key => $val)
 95		{
 96			$this->$key = ( ! isset($_POST[$key])) ? '' : $this->prep_for_form($_POST[$key]);
 97			
 98			$error = $key.'_error';
 99			if ( ! isset($this->$error))
100			{
101				$this->$error = '';
102			}
103		}		
104	}
105	
106	// --------------------------------------------------------------------
107	
108	/**
109	 * Set Rules
110	 *
111	 * This function takes an array of field names and validation
112	 * rules as input ad simply stores is for use later.
113	 *
114	 * @access	public
115	 * @param	mixed
116	 * @param	string
117	 * @return	void
118	 */
119	function set_rules($data, $rules = '')
120	{
121		if ( ! is_array($data))
122		{
123			if ($rules == '')
124				return;
125				
126			$data = array($data => $rules);
127		}
128	
129		foreach ($data as $key => $val)
130		{
131			$this->_rules[$key] = $val;
132		}
133	}
134	
135	// --------------------------------------------------------------------
136	
137	/**
138	 * Set Error Message
139	 *
140	 * Lets users set their own error messages on the fly.  Note:  The key
141	 * name has to match the  function name that it corresponds to.
142	 *
143	 * @access	public
144	 * @param	string
145	 * @param	string
146	 * @return	string
147	 */
148	function set_message($lang, $val = '')
149	{
150		if ( ! is_array($lang))
151		{
152			$lang = array($lang => $val);
153		}
154	
155		$this->_error_messages = array_merge($this->_error_messages, $lang);
156	}
157	
158	// --------------------------------------------------------------------
159	
160	/**
161	 * Set The Error Delimiter
162	 *
163	 * Permits a prefix/suffix to be added to each error message
164	 *
165	 * @access	public
166	 * @param	string
167	 * @param	string
168	 * @return	void
169	 */	
170	function set_error_delimiters($prefix = '<p>', $suffix = '</p>')
171	{
172		$this->_error_prefix = $prefix;
173		$this->_error_suffix = $suffix;
174	}
175	
176	// --------------------------------------------------------------------
177	
178	/**
179	 * Run the Validator
180	 *
181	 * This function does all the work.
182	 *
183	 * @access	public
184	 * @return	bool
185	 */		
186	function run()
187	{
188		// Do we even have any data to process?  Mm?
189		if (count($_POST) == 0 OR count($this->_rules) == 0)
190		{
191			return FALSE;
192		}
193	
194		// Load the language file containing error messages
195		$this->CI->lang->load('validation');
196							
197		// Cycle through the rules and test for errors
198		foreach ($this->_rules as $field => $rules)
199		{
200			//Explode out the rules!
201			$ex = explode('|', $rules);
202
203			// Is the field required?  If not, if the field is blank  we'll move on to the next test
204			if ( ! in_array('required', $ex, TRUE))
205			{
206				if ( ! isset($_POST[$field]) OR $_POST[$field] == '')
207				{
208					continue;
209				}
210			}
211			
212			/*
213			 * Are we dealing with an "isset" rule?
214			 *
215			 * Before going further, we'll see if one of the rules
216			 * is to check whether the item is set (typically this
217			 * applies only to checkboxes).  If so, we'll
218			 * test for it here since there's not reason to go
219			 * further
220			 */
221			if ( ! isset($_POST[$field]))
222			{			
223				if (in_array('isset', $ex, TRUE) OR in_array('required', $ex))
224				{
225					if ( ! isset($this->_error_messages['isset']))
226					{
227						if (FALSE === ($line = $this->CI->lang->line('isset')))
228						{
229							$line = 'The field was not set';
230						}							
231					}
232					else
233					{
234						$line = $this->_error_messages['isset'];
235					}
236					
237					// Build the error message
238					$mfield = ( ! isset($this->_fields[$field])) ? $field : $this->_fields[$field];
239					$message = sprintf($line, $mfield);
240
241					// Set the error variable.  Example: $this->username_error
242					$error = $field.'_error';
243					$this->$error = $this->_error_prefix.$message.$this->_error_suffix;
244					$this->_error_array[] = $message;
245				}
246						
247				continue;
248			}
249	
250			/*
251			 * Set the current field
252			 *
253			 * The various prepping functions need to know the
254			 * current field name so they can do this:
255			 *
256			 * $_POST[$this->_current_field] == 'bla bla';
257			 */
258			$this->_current_field = $field;
259
260			// Cycle through the rules!
261			foreach ($ex As $rule)
262			{
263				// Is the rule a callback?			
264				$callback = FALSE;
265				if (substr($rule, 0, 9) == 'callback_')
266				{
267					$rule = substr($rule, 9);
268					$callback = TRUE;
269				}
270				
271				// Strip the parameter (if exists) from the rule
272				// Rules can contain a parameter: max_length[5]
273				$param = FALSE;
274				if (preg_match("/(.*?)\[(.*?)\]/", $rule, $match))
275				{
276					$rule	= $match[1];
277					$param	= $match[2];
278				}
279				
280				// Call the function that corresponds to the rule
281				if ($callback === TRUE)
282				{
283					if ( ! method_exists($this->CI, $rule))
284					{ 		
285						continue;
286					}
287					
288					$result = $this->CI->$rule($_POST[$field], $param);	
289					
290					// If the field isn't required and we just processed a callback we'll move on...
291					if ( ! in_array('required', $ex, TRUE) AND $result !== FALSE)
292					{
293						continue 2;
294					}
295					
296				}
297				else
298				{				
299					if ( ! method_exists($this, $rule))
300					{
301						/*
302						 * Run the native PHP function if called for
303						 *
304						 * If our own wrapper function doesn't exist we see
305						 * if a native PHP function does. Users can use
306						 * any native PHP function call that has one param.
307						 */
308						if (function_exists($rule))
309						{
310							$_POST[$field] = $rule($_POST[$field]);
311							$this->$field = $_POST[$field];
312						}
313											
314						continue;
315					}
316					
317					$result = $this->$rule($_POST[$field], $param);
318				}
319								
320				// Did the rule test negatively?  If so, grab the error.
321				if ($result === FALSE)
322				{
323					if ( ! isset($this->_error_messages[$rule]))
324					{
325						if (FALSE === ($line = $this->CI->lang->line($rule)))
326						{
327							$line = 'Unable to access an error message corresponding to your field name.';
328						}						
329					}
330					else
331					{
332						$line = $this->_error_messages[$rule];
333					}				
334
335					// Build the error message
336					$mfield = ( ! isset($this->_fields[$field])) ? $field : $this->_fields[$field];
337					$mparam = ( ! isset($this->_fields[$param])) ? $param : $this->_fields[$param];
338					$message = sprintf($line, $mfield, $mparam);
339					
340					// Set the error variable.  Example: $this->username_error
341					$error = $field.'_error';
342					$this->$error = $this->_error_prefix.$message.$this->_error_suffix;
343
344					// Add the error to the error array
345					$this->_error_array[] = $message;				
346					continue 2;
347				}				
348			}
349			
350		}
351		
352		$total_errors = count($this->_error_array);
353
354		/*
355		 * Recompile the class variables
356		 *
357		 * If any prepping functions were called the $_POST data
358		 * might now be different then the corresponding class
359		 * variables so we'll set them anew.
360		 */	
361		if ($total_errors > 0)
362		{
363			$this->_safe_form_data = TRUE;
364		}
365		
366		$this->set_fields();
367
368		// Did we end up with any errors?
369		if ($total_errors == 0)
370		{
371			return TRUE;
372		}
373		
374		// Generate the error string
375		foreach ($this->_error_array as $val)
376		{
377			$this->error_string .= $this->_error_prefix.$val.$this->_error_suffix."\n";
378		}
379
380		return FALSE;
381	}
382	
383	// --------------------------------------------------------------------
384	
385	/**
386	 * Required
387	 *
388	 * @access	public
389	 * @param	string
390	 * @return	bool
391	 */
392	function required($str)
393	{
394		if ( ! is_array($str))
395		{
396			return (trim($str) == '') ? FALSE : TRUE;
397		}
398		else
399		{
400			return ( ! empty($str));
401		}
402	}
403	
404	// --------------------------------------------------------------------
405	
406	/**
407	 * Match one field to another
408	 *
409	 * @access	public
410	 * @param	string
411	 * @param	field
412	 * @return	bool
413	 */
414	function matches($str, $field)
415	{
416		if ( ! isset($_POST[$field]))
417		{
418			return FALSE;
419		}
420		
421		return ($str !== $_POST[$field]) ? FALSE : TRUE;
422	}
423	
424	// --------------------------------------------------------------------
425	
426	/**
427	 * Minimum Length
428	 *
429	 * @access	public
430	 * @param	string
431	 * @param	value
432	 * @return	bool
433	 */	
434	function min_length($str, $val)
435	{
436		if (preg_match("/[^0-9]/", $val))
437		{
438			return FALSE;
439		}
440
441		if (function_exists('mb_strlen'))
442		{
443			return (mb_strlen($str) < $val) ? FALSE : TRUE;		
444		}
445
446		return (strlen($str) < $val) ? FALSE : TRUE;
447	}
448	
449	// --------------------------------------------------------------------
450	
451	/**
452	 * Max Length
453	 *
454	 * @access	public
455	 * @param	string
456	 * @param	value
457	 * @return	bool
458	 */	
459	function max_length($str, $val)
460	{
461		if (preg_match("/[^0-9]/", $val))
462		{
463			return FALSE;
464		}
465		
466		if (function_exists('mb_strlen'))
467		{
468			return (mb_strlen($str) > $val) ? FALSE : TRUE;		
469		}
470
471		return (strlen($str) > $val) ? FALSE : TRUE;
472	}
473	
474	// --------------------------------------------------------------------
475	
476	/**
477	 * Exact Length
478	 *
479	 * @access	public
480	 * @param	string
481	 * @param	value
482	 * @return	bool
483	 */	
484	function exact_length($str, $val)
485	{
486		if (preg_match("/[^0-9]/", $val))
487		{
488			return FALSE;
489		}
490	
491		if (function_exists('mb_strlen'))
492		{
493			return (mb_strlen($str) != $val) ? FALSE : TRUE;		
494		}
495
496		return (strlen($str) != $val) ? FALSE : TRUE;
497	}
498	
499	// --------------------------------------------------------------------
500	
501	/**
502	 * Valid Email
503	 *
504	 * @access	public
505	 * @param	string
506	 * @return	bool
507	 */	
508	function valid_email($str)
509	{
510		return ( ! preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE;
511	}
512
513	// --------------------------------------------------------------------
514	
515	/**
516	 * Valid Emails
517	 *
518	 * @access	public
519	 * @param	string
520	 * @return	bool
521	 */	
522	function valid_emails($str)
523	{
524		if (strpos($str, ',') === FALSE)
525		{
526			return $this->valid_email(trim($str));
527		}
528		
529		foreach(explode(',', $str) as $email)
530		{
531			if (trim($email) != '' && $this->valid_email(trim($email)) === FALSE)
532			{
533				return FALSE;
534			}
535		}
536		
537		return TRUE;
538	}
539
540	// --------------------------------------------------------------------
541	
542	/**
543	 * Validate IP Address
544	 *
545	 * @access	public
546	 * @param	string
547	 * @return	string
548	 */
549	function valid_ip($ip)
550	{
551		return $this->CI->input->valid_ip($ip);
552	}
553
554	// --------------------------------------------------------------------
555	
556	/**
557	 * Alpha
558	 *
559	 * @access	public
560	 * @param	string
561	 * @return	bool
562	 */		
563	function alpha($str)
564	{
565		return ( ! preg_match("/^([a-z])+$/i", $str)) ? FALSE : TRUE;
566	}
567	
568	// --------------------------------------------------------------------
569	
570	/**
571	 * Alpha-numeric
572	 *
573	 * @access	public
574	 * @param	string
575	 * @return	bool
576	 */	
577	function alpha_numeric($str)
578	{
579		return ( ! preg_match("/^([a-z0-9])+$/i", $str)) ? FALSE : TRUE;
580	}
581	
582	// --------------------------------------------------------------------
583	
584	/**
585	 * Alpha-numeric with underscores and dashes
586	 *
587	 * @access	public
588	 * @param	string
589	 * @return	bool
590	 */	
591	function alpha_dash($str)
592	{
593		return ( ! preg_match("/^([-a-z0-9_-])+$/i", $str)) ? FALSE : TRUE;
594	}
595	
596	// --------------------------------------------------------------------
597	
598	/**
599	 * Numeric
600	 *
601	 * @access	public
602	 * @param	string
603	 * @return	bool
604	 */	
605	function numeric($str)
606	{
607		return (bool)preg_match( '/^[\-+]?[0-9]*\.?[0-9]+$/', $str);
608
609	}
610
611	// --------------------------------------------------------------------
612
613	/**
614	 * Is Numeric
615	 *
616	 * @access	public
617	 * @param	string
618	 * @return	bool
619	 */
620  	function is_numeric($str)
621	{
622		return ( ! is_numeric($str)) ? FALSE : TRUE;
623	} 
624
625	// --------------------------------------------------------------------
626	
627	/**
628	 * Integer
629	 *
630	 * @access	public
631	 * @param	string
632	 * @return	bool
633	 */	
634	function integer($str)
635	{
636		return (bool)preg_match( '/^[\-+]?[0-9]+$/', $str);
637	}
638
639	// --------------------------------------------------------------------
640
641	/**
642	 * Is a Natural number  (0,1,2,3, etc.)
643	 *
644	 * @access	public
645	 * @param	string
646	 * @return	bool
647	 */
648	function is_natural($str)
649	{   
650   		return (bool)preg_match( '/^[0-9]+$/', $str);
651	}
652
653	// --------------------------------------------------------------------
654
655	/**
656	 * Is a Natural number, but not a zero  (1,2,3, etc.)
657	 *
658	 * @access	public
659	 * @param	string
660	 * @return	bool
661	 */
662	function is_natural_no_zero($str)
663	{   
664		if ( ! preg_match( '/^[0-9]+$/', $str))
665		{
666			return FALSE;
667		}
668	
669		if ($str == 0)
670		{
671			return FALSE;
672		}
673
674		return TRUE;
675	}
676
677	// --------------------------------------------------------------------
678	
679	/**
680	 * Valid Base64
681	 *
682	 * Tests a string for characters outside of the Base64 alphabet
683	 * as defined by RFC 2045 http://www.faqs.org/rfcs/rfc2045
684	 *
685	 * @access	public
686	 * @param	string
687	 * @return	bool
688	 */
689	function valid_base64($str)
690	{
691		return (bool) ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str);
692	}
693
694	// --------------------------------------------------------------------
695	
696	/**
697	 * Set Select
698	 *
699	 * Enables pull-down lists to be set to the value the user
700	 * selected in the event of an error
701	 *
702	 * @access	public
703	 * @param	string
704	 * @param	string
705	 * @return	string
706	 */	
707	function set_select($field = '', $value = '')
708	{
709		if ($field == '' OR $value == '' OR  ! isset($_POST[$field]))
710		{
711			return '';
712		}
713			
714		if ($_POST[$field] == $value)
715		{
716			return ' selected="selected"';
717		}
718	}
719	
720	// --------------------------------------------------------------------
721	
722	/**
723	 * Set Radio
724	 *
725	 * Enables radio buttons to be set to the value the user
726	 * selected in the event of an error
727	 *
728	 * @access	public
729	 * @param	string
730	 * @param	string
731	 * @return	string
732	 */	
733	function set_radio($field = '', $value = '')
734	{
735		if ($field == '' OR $value == '' OR  ! isset($_POST[$field]))
736		{
737			return '';
738		}
739			
740		if ($_POST[$field] == $value)
741		{
742			return ' checked="checked"';
743		}
744	}
745	
746	// --------------------------------------------------------------------
747	
748	/**
749	 * Set Checkbox
750	 *
751	 * Enables checkboxes to be set to the value the user
752	 * selected in the event of an error
753	 *
754	 * @access	public
755	 * @param	string
756	 * @param	string
757	 * @return	string
758	 */	
759	function set_checkbox($field = '', $value = '')
760	{
761		if ($field == '' OR $value == '' OR  ! isset($_POST[$field]))
762		{
763			return '';
764		}
765			
766		if ($_POST[$field] == $value)
767		{
768			return ' checked="checked"';
769		}
770	}
771	
772	// --------------------------------------------------------------------
773	
774	/**
775	 * Prep data for form
776	 *
777	 * This function allows HTML to be safely shown in a form.
778	 * Special characters are converted.
779	 *
780	 * @access	public
781	 * @param	string
782	 * @return	string
783	 */
784	function prep_for_form($data = '')
785	{
786		if (is_array($data))
787		{
788			foreach ($data as $key => $val)
789			{
790				$data[$key] = $this->prep_for_form($val);
791			}
792			
793			return $data;
794		}
795		
796		if ($this->_safe_form_data == FALSE OR $data == '')
797		{
798			return $data;
799		}
800
801		return str_replace(array("'", '"', '<', '>'), array("&#39;", "&quot;", '&lt;', '&gt;'), stripslashes($data));
802	}
803	
804	// --------------------------------------------------------------------
805	
806	/**
807	 * Prep URL
808	 *
809	 * @access	public
810	 * @param	string
811	 * @return	string
812	 */	
813	function prep_url($str = '')
814	{
815		if ($str == 'http://' OR $str == '')
816		{
817			$_POST[$this->_current_field] = '';
818			return;
819		}
820		
821		if (substr($str, 0, 7) != 'http://' && substr($str, 0, 8) != 'https://')
822		{
823			$str = 'http://'.$str;
824		}
825		
826		$_POST[$this->_current_field] = $str;
827	}
828	
829	// --------------------------------------------------------------------
830	
831	/**
832	 * Strip Image Tags
833	 *
834	 * @access	public
835	 * @param	string
836	 * @return	string
837	 */	
838	function strip_image_tags($str)
839	{
840		$_POST[$this->_current_field] = $this->CI->input->strip_image_tags($str);
841	}
842	
843	// --------------------------------------------------------------------
844	
845	/**
846	 * XSS Clean
847	 *
848	 * @access	public
849	 * @param	string
850	 * @return	string
851	 */	
852	function xss_clean($str)
853	{
854		$_POST[$this->_current_field] = $this->CI->input->xss_clean($str);
855	}
856	
857	// --------------------------------------------------------------------
858	
859	/**
860	 * Convert PHP tags to entities
861	 *
862	 * @access	public
863	 * @param	string
864	 * @return	string
865	 */	
866	function encode_php_tags($str)
867	{
868		$_POST[$this->_current_field] = str_replace(array('<?php', '<?PHP', '<?', '?>'),  array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
869	}
870
871}
872// END Validation Class
873
874/* End of file Validation.php */
875/* Location: ./system/libraries/Validation.php */