summaryrefslogtreecommitdiffstats
path: root/system/libraries/Form_validation.php
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-10-05 21:45:41 +0200
committerAndrey Andreev <narf@bofh.bg>2012-10-05 21:45:41 +0200
commit5b5021812ea6dc859312e00b6b0f078eea54c88d (patch)
tree0a8840ee0429cc405cb597438a73d03bca970c1a /system/libraries/Form_validation.php
parent49d08053257b55db511eaca08b8ab5d12149f3b6 (diff)
parentdbad54e09a39a77c7404dee9ca1a6b34299469d0 (diff)
Merge upstream branch
Diffstat (limited to 'system/libraries/Form_validation.php')
-rw-r--r--system/libraries/Form_validation.php99
1 files changed, 64 insertions, 35 deletions
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index 67cbfd1a0..b490a34ca 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -187,14 +187,20 @@ class CI_Form_validation {
return $this;
}
+ // Convert an array of rules to a string
+ if (is_array($rules))
+ {
+ $rules = implode('|', $rules);
+ }
+
// No fields? Nothing to do...
- if ( ! is_string($field) OR ! is_string($rules) OR $field == '')
+ if ( ! is_string($field) OR ! is_string($rules) OR $field === '')
{
return $this;
}
// If the field label wasn't passed we use the field name
- $label = ($label == '') ? $field : $label;
+ $label = ($label === '') ? $field : $label;
// Is the field name an array? If it is an array, we break it apart
// into its components so that we can fetch the corresponding POST data later
@@ -207,7 +213,7 @@ class CI_Form_validation {
for ($i = 0, $c = count($matches[0]); $i < $c; $i++)
{
- if ($matches[1][$i] != '')
+ if ($matches[1][$i] !== '')
{
$indexes[] = $matches[1][$i];
}
@@ -318,12 +324,12 @@ class CI_Form_validation {
return '';
}
- if ($prefix == '')
+ if ($prefix === '')
{
$prefix = $this->_error_prefix;
}
- if ($suffix == '')
+ if ($suffix === '')
{
$suffix = $this->_error_suffix;
}
@@ -364,12 +370,12 @@ class CI_Form_validation {
return '';
}
- if ($prefix == '')
+ if ($prefix === '')
{
$prefix = $this->_error_prefix;
}
- if ($suffix == '')
+ if ($suffix === '')
{
$suffix = $this->_error_suffix;
}
@@ -378,7 +384,7 @@ class CI_Form_validation {
$str = '';
foreach ($this->_error_array as $val)
{
- if ($val != '')
+ if ($val !== '')
{
$str .= $prefix.$val.$suffix."\n";
}
@@ -417,9 +423,9 @@ class CI_Form_validation {
}
// Is there a validation rule for the particular URI being accessed?
- $uri = ($group == '') ? trim($this->CI->uri->ruri_string(), '/') : $group;
+ $uri = ($group === '') ? trim($this->CI->uri->ruri_string(), '/') : $group;
- if ($uri != '' && isset($this->_config_rules[$uri]))
+ if ($uri !== '' && isset($this->_config_rules[$uri]))
{
$this->set_rules($this->_config_rules[$uri]);
}
@@ -454,6 +460,12 @@ class CI_Form_validation {
$this->_field_data[$field]['postdata'] = $validation_array[$field];
}
+ // Don't try to validate if we have no rules set
+ if (empty($row['rules']))
+ {
+ continue;
+ }
+
$this->_execute($row, explode('|', $row['rules']), $this->_field_data[$field]['postdata']);
}
@@ -565,8 +577,7 @@ class CI_Form_validation {
{
foreach ($postdata as $key => $val)
{
- $this->_execute($row, $rules, $val, $cycles);
- $cycles++;
+ $this->_execute($row, $rules, $val, $key);
}
return;
@@ -629,7 +640,7 @@ class CI_Form_validation {
// We set the $postdata variable with the current data in our master array so that
// each cycle of the loop is dealing with the processed data from the last cycle
- if ($row['is_array'] == TRUE && is_array($this->_field_data[$row['field']]['postdata']))
+ if ($row['is_array'] === TRUE && is_array($this->_field_data[$row['field']]['postdata']))
{
// We shouldn't need this safety, but just in case there isn't an array index
// associated with this cycle we'll bail out
@@ -643,7 +654,12 @@ class CI_Form_validation {
}
else
{
- $postdata = $this->_field_data[$row['field']]['postdata'];
+ // If we get an array field, but it's not expected - then it is most likely
+ // somebody messing with the form on the client side, so we'll just consider
+ // it an empty field
+ $postdata = is_array($this->_field_data[$row['field']]['postdata'])
+ ? NULL
+ : $this->_field_data[$row['field']]['postdata'];
}
// Is the rule a callback?
@@ -852,7 +868,7 @@ class CI_Form_validation {
return '';
}
}
- elseif (($field == '' OR $value == '') OR ($field != $value))
+ elseif (($field === '' OR $value === '') OR ($field !== $value))
{
return '';
}
@@ -888,7 +904,7 @@ class CI_Form_validation {
return '';
}
}
- elseif (($field == '' OR $value == '') OR ($field != $value))
+ elseif (($field === '' OR $value === '') OR ($field !== $value))
{
return '';
}
@@ -987,15 +1003,19 @@ class CI_Form_validation {
* Minimum Length
*
* @param string
- * @param int
+ * @param string
* @return bool
*/
public function min_length($str, $val)
{
- if (preg_match('/[^0-9]/', $val))
+ if ( ! is_numeric($val))
{
return FALSE;
}
+ else
+ {
+ $val = (int) $val;
+ }
return (MB_ENABLED === TRUE)
? ($val <= mb_strlen($str))
@@ -1008,15 +1028,19 @@ class CI_Form_validation {
* Max Length
*
* @param string
- * @param int
+ * @param string
* @return bool
*/
public function max_length($str, $val)
{
- if (preg_match('/[^0-9]/', $val))
+ if ( ! is_numeric($val))
{
return FALSE;
}
+ else
+ {
+ $val = (int) $val;
+ }
return (MB_ENABLED === TRUE)
? ($val >= mb_strlen($str))
@@ -1029,19 +1053,23 @@ class CI_Form_validation {
* Exact Length
*
* @param string
- * @param int
+ * @param string
* @return bool
*/
public function exact_length($str, $val)
{
- if (preg_match('/[^0-9]/', $val))
+ if ( ! is_numeric($val))
{
return FALSE;
}
+ else
+ {
+ $val = (int) $val;
+ }
return (MB_ENABLED === TRUE)
- ? (mb_strlen($str) == $val)
- : (strlen($str) == $val);
+ ? (mb_strlen($str) === $val)
+ : (strlen($str) === $val);
}
// --------------------------------------------------------------------
@@ -1054,7 +1082,7 @@ class CI_Form_validation {
*/
public function valid_email($str)
{
- return (bool) preg_match('/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix', $str);
+ return (bool) filter_var($str, FILTER_VALIDATE_EMAIL);
}
// --------------------------------------------------------------------
@@ -1089,11 +1117,12 @@ class CI_Form_validation {
* Validate IP Address
*
* @param string
+ * @param string 'ipv4' or 'ipv6' to validate a specific IP format
* @return bool
*/
- public function valid_ip($ip)
+ public function valid_ip($ip, $which = '')
{
- return $this->CI->input->valid_ip($ip);
+ return $this->CI->input->valid_ip($ip, $which);
}
// --------------------------------------------------------------------
@@ -1106,7 +1135,7 @@ class CI_Form_validation {
*/
public function alpha($str)
{
- return (bool) preg_match('/^[a-z]+$/i', $str);
+ return ctype_alpha($str);
}
// --------------------------------------------------------------------
@@ -1119,7 +1148,7 @@ class CI_Form_validation {
*/
public function alpha_numeric($str)
{
- return (bool) preg_match('/^[a-z0-9]+$/i', $str);
+ return ctype_alnum((string) $str);
}
// --------------------------------------------------------------------
@@ -1241,7 +1270,7 @@ class CI_Form_validation {
*/
public function is_natural($str)
{
- return (bool) preg_match('/^[0-9]+$/', $str);
+ return ctype_digit((string) $str);
}
// --------------------------------------------------------------------
@@ -1254,7 +1283,7 @@ class CI_Form_validation {
*/
public function is_natural_no_zero($str)
{
- return ($str != 0 && preg_match('/^[0-9]+$/', $str));
+ return ($str != 0 && ctype_digit((string) $str));
}
// --------------------------------------------------------------------
@@ -1296,7 +1325,7 @@ class CI_Form_validation {
return $data;
}
- if ($this->_safe_form_data == FALSE OR $data === '')
+ if ($this->_safe_form_data === FALSE OR $data === '')
{
return $data;
}
@@ -1314,7 +1343,7 @@ class CI_Form_validation {
*/
public function prep_url($str = '')
{
- if ($str === 'http://' OR $str == '')
+ if ($str === 'http://' OR $str === '')
{
return '';
}
@@ -1337,7 +1366,7 @@ class CI_Form_validation {
*/
public function strip_image_tags($str)
{
- return $this->CI->input->strip_image_tags($str);
+ return $this->CI->security->strip_image_tags($str);
}
// --------------------------------------------------------------------
@@ -1363,7 +1392,7 @@ class CI_Form_validation {
*/
public function encode_php_tags($str)
{
- return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
+ return str_replace(array('<?', '?>'), array('&lt;?', '?&gt;'), $str);
}
// --------------------------------------------------------------------