summaryrefslogtreecommitdiffstats
path: root/system/libraries/Form_validation.php
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2017-09-09 16:05:22 +0200
committerFlorian Pritz <bluewind@xinu.at>2017-09-09 16:05:22 +0200
commit27639d64d06b62f237bbde253c46cd28fdce8884 (patch)
tree7a2f00cfd44cfcdfe6cb1abc1cfc0675632948c4 /system/libraries/Form_validation.php
parent9c5bfbee5b42ea50a5611c537b8dbf01d7a64f79 (diff)
parent6c7a4266410070d30f8f6bcdf9c9e67f3d6478e3 (diff)
Merge tag '3.1.5' into dev-ci3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'system/libraries/Form_validation.php')
-rw-r--r--system/libraries/Form_validation.php1222
1 files changed, 712 insertions, 510 deletions
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index 3839fe42b..71d0e64b1 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -1,19 +1,41 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP
*
- * @package CodeIgniter
- * @author ExpressionEngine Dev Team
- * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc.
- * @license http://codeigniter.com/user_guide/license.html
- * @link http://codeigniter.com
- * @since Version 1.0
+ * This content is released under the MIT License (MIT)
+ *
+ * Copyright (c) 2014 - 2017, British Columbia Institute of Technology
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @package CodeIgniter
+ * @author EllisLab Dev Team
+ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
+ * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/)
+ * @license http://opensource.org/licenses/MIT MIT License
+ * @link https://codeigniter.com
+ * @since Version 1.0.0
* @filesource
*/
-
-// ------------------------------------------------------------------------
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Form Validation Class
@@ -21,41 +43,110 @@
* @package CodeIgniter
* @subpackage Libraries
* @category Validation
- * @author ExpressionEngine Dev Team
- * @link http://codeigniter.com/user_guide/libraries/form_validation.html
+ * @author EllisLab Dev Team
+ * @link https://codeigniter.com/user_guide/libraries/form_validation.html
*/
class CI_Form_validation {
+ /**
+ * Reference to the CodeIgniter instance
+ *
+ * @var object
+ */
protected $CI;
- protected $_field_data = array();
- protected $_config_rules = array();
- protected $_error_array = array();
- protected $_error_messages = array();
- protected $_error_prefix = '<p>';
- protected $_error_suffix = '</p>';
- protected $error_string = '';
- protected $_safe_form_data = FALSE;
/**
- * Constructor
+ * Validation data for the current form submission
+ *
+ * @var array
+ */
+ protected $_field_data = array();
+
+ /**
+ * Validation rules for the current form
+ *
+ * @var array
+ */
+ protected $_config_rules = array();
+
+ /**
+ * Array of validation errors
+ *
+ * @var array
+ */
+ protected $_error_array = array();
+
+ /**
+ * Array of custom error messages
+ *
+ * @var array
+ */
+ protected $_error_messages = array();
+
+ /**
+ * Start tag for error wrapping
+ *
+ * @var string
+ */
+ protected $_error_prefix = '<p>';
+
+ /**
+ * End tag for error wrapping
+ *
+ * @var string
+ */
+ protected $_error_suffix = '</p>';
+
+ /**
+ * Custom error message
+ *
+ * @var string
+ */
+ protected $error_string = '';
+
+ /**
+ * Whether the form data has been validated as safe
+ *
+ * @var bool
+ */
+ protected $_safe_form_data = FALSE;
+
+ /**
+ * Custom data to validate
+ *
+ * @var array
+ */
+ public $validation_data = array();
+
+ /**
+ * Initialize Form_Validation class
+ *
+ * @param array $rules
+ * @return void
*/
public function __construct($rules = array())
{
$this->CI =& get_instance();
+ // applies delimiters set in config file.
+ if (isset($rules['error_prefix']))
+ {
+ $this->_error_prefix = $rules['error_prefix'];
+ unset($rules['error_prefix']);
+ }
+ if (isset($rules['error_suffix']))
+ {
+ $this->_error_suffix = $rules['error_suffix'];
+ unset($rules['error_suffix']);
+ }
+
// Validation rules can be stored in a config file.
$this->_config_rules = $rules;
// Automatically load the form helper
$this->CI->load->helper('form');
- // Set the character encoding in MB.
- if (function_exists('mb_internal_encoding'))
- {
- mb_internal_encoding($this->CI->config->item('charset'));
- }
-
- log_message('debug', "Form Validation Class Initialized");
+ log_message('info', 'Form Validation Class Initialized');
}
// --------------------------------------------------------------------
@@ -64,86 +155,95 @@ class CI_Form_validation {
* Set Rules
*
* This function takes an array of field names and validation
- * rules as input, validates the info, and stores it
+ * rules as input, any custom error messages, validates the info,
+ * and stores it
*
- * @access public
- * @param mixed
- * @param string
- * @return void
+ * @param mixed $field
+ * @param string $label
+ * @param mixed $rules
+ * @param array $errors
+ * @return CI_Form_validation
*/
- public function set_rules($field, $label = '', $rules = '')
+ public function set_rules($field, $label = '', $rules = array(), $errors = array())
{
// No reason to set rules if we have no POST data
- if (count($_POST) == 0)
+ // or a validation array has not been specified
+ if ($this->CI->input->method() !== 'post' && empty($this->validation_data))
{
return $this;
}
- // If an array was passed via the first parameter instead of indidual string
+ // If an array was passed via the first parameter instead of individual string
// values we cycle through it and recursively call this function.
if (is_array($field))
{
foreach ($field as $row)
{
// Houston, we have a problem...
- if ( ! isset($row['field']) OR ! isset($row['rules']))
+ if ( ! isset($row['field'], $row['rules']))
{
continue;
}
// If the field label wasn't passed we use the field name
- $label = ( ! isset($row['label'])) ? $row['field'] : $row['label'];
+ $label = isset($row['label']) ? $row['label'] : $row['field'];
+
+ // Add the custom error message array
+ $errors = (isset($row['errors']) && is_array($row['errors'])) ? $row['errors'] : array();
// Here we go!
- $this->set_rules($row['field'], $label, $row['rules']);
+ $this->set_rules($row['field'], $label, $row['rules'], $errors);
}
+
return $this;
}
- // No fields? Nothing to do...
- if ( ! is_string($field) OR ! is_string($rules) OR $field == '')
+ // No fields or no rules? Nothing to do...
+ if ( ! is_string($field) OR $field === '' OR empty($rules))
{
return $this;
}
+ elseif ( ! is_array($rules))
+ {
+ // BC: Convert pipe-separated rules string to an array
+ if ( ! is_string($rules))
+ {
+ return $this;
+ }
+
+ $rules = preg_split('/\|(?![^\[]*\])/', $rules);
+ }
// If the field label wasn't passed we use the field name
- $label = ($label == '') ? $field : $label;
+ $label = ($label === '') ? $field : $label;
+
+ $indexes = array();
- // Is the field name an array? We test for the existence of a bracket "[" in
- // the field name to determine this. If it is an array, we break it apart
+ // Is the field name an array? If it is an array, we break it apart
// into its components so that we can fetch the corresponding POST data later
- if (strpos($field, '[') !== FALSE AND preg_match_all('/\[(.*?)\]/', $field, $matches))
+ if (($is_array = (bool) preg_match_all('/\[(.*?)\]/', $field, $matches)) === TRUE)
{
- // Note: Due to a bug in current() that affects some versions
- // of PHP we can not pass function call directly into it
- $x = explode('[', $field);
- $indexes[] = current($x);
+ sscanf($field, '%[^[][', $indexes[0]);
- for ($i = 0; $i < count($matches['0']); $i++)
+ for ($i = 0, $c = count($matches[0]); $i < $c; $i++)
{
- if ($matches['1'][$i] != '')
+ if ($matches[1][$i] !== '')
{
- $indexes[] = $matches['1'][$i];
+ $indexes[] = $matches[1][$i];
}
}
-
- $is_array = TRUE;
- }
- else
- {
- $indexes = array();
- $is_array = FALSE;
}
// Build our master array
$this->_field_data[$field] = array(
- 'field' => $field,
- 'label' => $label,
- 'rules' => $rules,
- 'is_array' => $is_array,
- 'keys' => $indexes,
- 'postdata' => NULL,
- 'error' => ''
+ 'field' => $field,
+ 'label' => $label,
+ 'rules' => $rules,
+ 'errors' => $errors,
+ 'is_array' => $is_array,
+ 'keys' => $indexes,
+ 'postdata' => NULL,
+ 'error' => ''
);
return $this;
@@ -152,15 +252,39 @@ class CI_Form_validation {
// --------------------------------------------------------------------
/**
+ * By default, form validation uses the $_POST array to validate
+ *
+ * If an array is set through this method, then this array will
+ * be used instead of the $_POST array
+ *
+ * Note that if you are validating multiple arrays, then the
+ * reset_validation() function should be called after validating
+ * each array due to the limitations of CI's singleton
+ *
+ * @param array $data
+ * @return CI_Form_validation
+ */
+ public function set_data(array $data)
+ {
+ if ( ! empty($data))
+ {
+ $this->validation_data = $data;
+ }
+
+ return $this;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Set Error Message
*
- * Lets users set their own error messages on the fly. Note: The key
- * name has to match the function name that it corresponds to.
+ * Lets users set their own error messages on the fly. Note:
+ * The key name has to match the function name that it corresponds to.
*
- * @access public
- * @param string
+ * @param array
* @param string
- * @return string
+ * @return CI_Form_validation
*/
public function set_message($lang, $val = '')
{
@@ -170,7 +294,6 @@ class CI_Form_validation {
}
$this->_error_messages = array_merge($this->_error_messages, $lang);
-
return $this;
}
@@ -181,16 +304,14 @@ class CI_Form_validation {
*
* Permits a prefix/suffix to be added to each error message
*
- * @access public
* @param string
* @param string
- * @return void
+ * @return CI_Form_validation
*/
public function set_error_delimiters($prefix = '<p>', $suffix = '</p>')
{
$this->_error_prefix = $prefix;
$this->_error_suffix = $suffix;
-
return $this;
}
@@ -201,23 +322,24 @@ class CI_Form_validation {
*
* Gets the error message associated with a particular field
*
- * @access public
- * @param string the field name
- * @return void
+ * @param string $field Field name
+ * @param string $prefix HTML start tag
+ * @param string $suffix HTML end tag
+ * @return string
*/
- public function error($field = '', $prefix = '', $suffix = '')
+ public function error($field, $prefix = '', $suffix = '')
{
- if ( ! isset($this->_field_data[$field]['error']) OR $this->_field_data[$field]['error'] == '')
+ if (empty($this->_field_data[$field]['error']))
{
return '';
}
- if ($prefix == '')
+ if ($prefix === '')
{
$prefix = $this->_error_prefix;
}
- if ($suffix == '')
+ if ($suffix === '')
{
$suffix = $this->_error_suffix;
}
@@ -228,29 +350,42 @@ class CI_Form_validation {
// --------------------------------------------------------------------
/**
+ * Get Array of Error Messages
+ *
+ * Returns the error messages as an array
+ *
+ * @return array
+ */
+ public function error_array()
+ {
+ return $this->_error_array;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Error String
*
* Returns the error messages as a string, wrapped in the error delimiters
*
- * @access public
* @param string
* @param string
- * @return str
+ * @return string
*/
public function error_string($prefix = '', $suffix = '')
{
- // No errrors, validation passes!
+ // No errors, validation passes!
if (count($this->_error_array) === 0)
{
return '';
}
- if ($prefix == '')
+ if ($prefix === '')
{
$prefix = $this->_error_prefix;
}
- if ($suffix == '')
+ if ($suffix === '')
{
$suffix = $this->_error_suffix;
}
@@ -259,7 +394,7 @@ class CI_Form_validation {
$str = '';
foreach ($this->_error_array as $val)
{
- if ($val != '')
+ if ($val !== '')
{
$str .= $prefix.$val.$suffix."\n";
}
@@ -275,43 +410,38 @@ class CI_Form_validation {
*
* This function does all the work.
*
- * @access public
+ * @param string $group
* @return bool
*/
public function run($group = '')
{
- // Do we even have any data to process? Mm?
- if (count($_POST) == 0)
- {
- return FALSE;
- }
+ $validation_array = empty($this->validation_data)
+ ? $_POST
+ : $this->validation_data;
// Does the _field_data array containing the validation rules exist?
// If not, we look to see if they were assigned via a config file
- if (count($this->_field_data) == 0)
+ if (count($this->_field_data) === 0)
{
// No validation rules? We're done...
- if (count($this->_config_rules) == 0)
+ if (count($this->_config_rules) === 0)
{
return FALSE;
}
- // Is there a validation rule for the particular URI being accessed?
- $uri = ($group == '') ? trim($this->CI->uri->ruri_string(), '/') : $group;
-
- if ($uri != '' AND isset($this->_config_rules[$uri]))
- {
- $this->set_rules($this->_config_rules[$uri]);
- }
- else
+ if (empty($group))
{
- $this->set_rules($this->_config_rules);
+ // Is there a validation rule for the particular URI being accessed?
+ $group = trim($this->CI->uri->ruri_string(), '/');
+ isset($this->_config_rules[$group]) OR $group = $this->CI->router->class.'/'.$this->CI->router->method;
}
- // We're we able to set the rules correctly?
- if (count($this->_field_data) == 0)
+ $this->set_rules(isset($this->_config_rules[$group]) ? $this->_config_rules[$group] : $this->_config_rules);
+
+ // Were we able to set the rules correctly?
+ if (count($this->_field_data) === 0)
{
- log_message('debug', "Unable to find validation rules");
+ log_message('debug', 'Unable to find validation rules');
return FALSE;
}
}
@@ -319,47 +449,103 @@ class CI_Form_validation {
// Load the language file containing error messages
$this->CI->lang->load('form_validation');
- // Cycle through the rules for each field, match the
- // corresponding $_POST item and test for errors
- foreach ($this->_field_data as $field => $row)
+ // Cycle through the rules for each field and match the corresponding $validation_data item
+ foreach ($this->_field_data as $field => &$row)
{
- // Fetch the data from the corresponding $_POST array and cache it in the _field_data array.
+ // Fetch the data from the validation_data array item and cache it in the _field_data array.
// Depending on whether the field name is an array or a string will determine where we get it from.
-
- if ($row['is_array'] == TRUE)
+ if ($row['is_array'] === TRUE)
{
- $this->_field_data[$field]['postdata'] = $this->_reduce_array($_POST, $row['keys']);
+ $this->_field_data[$field]['postdata'] = $this->_reduce_array($validation_array, $row['keys']);
}
- else
+ elseif (isset($validation_array[$field]))
{
- if (isset($_POST[$field]) AND $_POST[$field] != "")
- {
- $this->_field_data[$field]['postdata'] = $_POST[$field];
- }
+ $this->_field_data[$field]['postdata'] = $validation_array[$field];
+ }
+ }
+
+ // Execute validation rules
+ // Note: A second foreach (for now) is required in order to avoid false-positives
+ // for rules like 'matches', which correlate to other validation fields.
+ foreach ($this->_field_data as $field => &$row)
+ {
+ // Don't try to validate if we have no rules set
+ if (empty($row['rules']))
+ {
+ continue;
}
- $this->_execute($row, explode('|', $row['rules']), $this->_field_data[$field]['postdata']);
+ $this->_execute($row, $row['rules'], $row['postdata']);
}
// Did we end up with any errors?
$total_errors = count($this->_error_array);
-
if ($total_errors > 0)
{
$this->_safe_form_data = TRUE;
}
// Now we need to re-set the POST data with the new, processed data
- $this->_reset_post_array();
+ empty($this->validation_data) && $this->_reset_post_array();
- // No errors, validation passes!
- if ($total_errors == 0)
+ return ($total_errors === 0);
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Prepare rules
+ *
+ * Re-orders the provided rules in order of importance, so that
+ * they can easily be executed later without weird checks ...
+ *
+ * "Callbacks" are given the highest priority (always called),
+ * followed by 'required' (called if callbacks didn't fail),
+ * and then every next rule depends on the previous one passing.
+ *
+ * @param array $rules
+ * @return array
+ */
+ protected function _prepare_rules($rules)
+ {
+ $new_rules = array();
+ $callbacks = array();
+
+ foreach ($rules as &$rule)
{
- return TRUE;
+ // Let 'required' always be the first (non-callback) rule
+ if ($rule === 'required')
+ {
+ array_unshift($new_rules, 'required');
+ }
+ // 'isset' is a kind of a weird alias for 'required' ...
+ elseif ($rule === 'isset' && (empty($new_rules) OR $new_rules[0] !== 'required'))
+ {
+ array_unshift($new_rules, 'isset');
+ }
+ // The old/classic 'callback_'-prefixed rules
+ elseif (is_string($rule) && strncmp('callback_', $rule, 9) === 0)
+ {
+ $callbacks[] = $rule;
+ }
+ // Proper callables
+ elseif (is_callable($rule))
+ {
+ $callbacks[] = $rule;
+ }
+ // "Named" callables; i.e. array('name' => $callable)
+ elseif (is_array($rule) && isset($rule[0], $rule[1]) && is_callable($rule[1]))
+ {
+ $callbacks[] = $rule;
+ }
+ // Everything else goes at the end of the queue
+ else
+ {
+ $new_rules[] = $rule;
+ }
}
- // Validation fails
- return FALSE;
+ return array_merge($callbacks, $new_rules);
}
// --------------------------------------------------------------------
@@ -367,34 +553,20 @@ class CI_Form_validation {
/**
* Traverse a multidimensional $_POST array index until the data is found
*
- * @access private
* @param array
* @param array
- * @param integer
+ * @param int
* @return mixed
*/
protected function _reduce_array($array, $keys, $i = 0)
{
- if (is_array($array))
+ if (is_array($array) && isset($keys[$i]))
{
- if (isset($keys[$i]))
- {
- if (isset($array[$keys[$i]]))
- {
- $array = $this->_reduce_array($array[$keys[$i]], $keys, ($i+1));
- }
- else
- {
- return NULL;
- }
- }
- else
- {
- return $array;
- }
+ return isset($array[$keys[$i]]) ? $this->_reduce_array($array[$keys[$i]], $keys, ($i+1)) : NULL;
}
- return $array;
+ // NULL must be returned for empty fields
+ return ($array === '') ? NULL : $array;
}
// --------------------------------------------------------------------
@@ -402,21 +574,17 @@ class CI_Form_validation {
/**
* Re-populate the _POST array with our finalized and processed data
*
- * @access private
- * @return null
+ * @return void
*/
protected function _reset_post_array()
{
foreach ($this->_field_data as $field => $row)
{
- if ( ! is_null($row['postdata']))
+ if ($row['postdata'] !== NULL)
{
- if ($row['is_array'] == FALSE)
+ if ($row['is_array'] === FALSE)
{
- if (isset($_POST[$row['field']]))
- {
- $_POST[$row['field']] = $this->prep_for_form($row['postdata']);
- }
+ isset($_POST[$field]) && $_POST[$field] = $row['postdata'];
}
else
{
@@ -424,7 +592,7 @@ class CI_Form_validation {
$post_ref =& $_POST;
// before we assign values, make a reference to the right POST key
- if (count($row['keys']) == 1)
+ if (count($row['keys']) === 1)
{
$post_ref =& $post_ref[current($row['keys'])];
}
@@ -436,20 +604,7 @@ class CI_Form_validation {
}
}
- if (is_array($row['postdata']))
- {
- $array = array();
- foreach ($row['postdata'] as $k => $v)
- {
- $array[$k] = $this->prep_for_form($v);
- }
-
- $post_ref = $array;
- }
- else
- {
- $post_ref = $this->prep_for_form($row['postdata']);
- }
+ $post_ref = $row['postdata'];
}
}
}
@@ -460,92 +615,36 @@ class CI_Form_validation {
/**
* Executes the Validation routines
*
- * @access private
* @param array
* @param array
* @param mixed
- * @param integer
+ * @param int
* @return mixed
*/
protected function _execute($row, $rules, $postdata = NULL, $cycles = 0)
{
// If the $_POST data is an array we will run a recursive call
- if (is_array($postdata))
+ //
+ // Note: We MUST check if the array is empty or not!
+ // Otherwise empty arrays will always pass validation.
+ if (is_array($postdata) && ! empty($postdata))
{
foreach ($postdata as $key => $val)
{
- $this->_execute($row, $rules, $val, $cycles);
- $cycles++;
- }
-
- return;
- }
-
- // --------------------------------------------------------------------
-
- // If the field is blank, but NOT required, no further tests are necessary
- $callback = FALSE;
- if ( ! in_array('required', $rules) AND is_null($postdata))
- {
- // Before we bail out, does the rule contain a callback?
- if (preg_match("/(callback_\w+(\[.*?\])?)/", implode(' ', $rules), $match))
- {
- $callback = TRUE;
- $rules = (array('1' => $match[1]));
- }
- else
- {
- return;
- }
- }
-
- // --------------------------------------------------------------------
-
- // Isset Test. Typically this rule will only apply to checkboxes.
- if (is_null($postdata) AND $callback == FALSE)
- {
- if (in_array('isset', $rules, TRUE) OR in_array('required', $rules))
- {
- // Set the message type
- $type = (in_array('required', $rules)) ? 'required' : 'isset';
-
- if ( ! isset($this->_error_messages[$type]))
- {
- if (FALSE === ($line = $this->CI->lang->line($type)))
- {
- $line = 'The field was not set';
- }
- }
- else
- {
- $line = $this->_error_messages[$type];
- }
-
- // Build the error message
- $message = sprintf($line, $this->_translate_fieldname($row['label']));
-
- // Save the error message
- $this->_field_data[$row['field']]['error'] = $message;
-
- if ( ! isset($this->_error_array[$row['field']]))
- {
- $this->_error_array[$row['field']] = $message;
- }
+ $this->_execute($row, $rules, $val, $key);
}
return;
}
- // --------------------------------------------------------------------
-
- // Cycle through each rule and run it
- foreach ($rules As $rule)
+ $rules = $this->_prepare_rules($rules);
+ foreach ($rules as $rule)
{
$_in_array = FALSE;
// We set the $postdata variable with the current data in our master array so that
// each cycle of the loop is dealing with the processed data from the last cycle
- if ($row['is_array'] == TRUE AND is_array($this->_field_data[$row['field']]['postdata']))
+ if ($row['is_array'] === TRUE && is_array($this->_field_data[$row['field']]['postdata']))
{
// We shouldn't need this safety, but just in case there isn't an array index
// associated with this cycle we'll bail out
@@ -559,118 +658,154 @@ class CI_Form_validation {
}
else
{
- $postdata = $this->_field_data[$row['field']]['postdata'];
+ // If we get an array field, but it's not expected - then it is most likely
+ // somebody messing with the form on the client side, so we'll just consider
+ // it an empty field
+ $postdata = is_array($this->_field_data[$row['field']]['postdata'])
+ ? NULL
+ : $this->_field_data[$row['field']]['postdata'];
}
- // --------------------------------------------------------------------
-
// Is the rule a callback?
- $callback = FALSE;
- if (substr($rule, 0, 9) == 'callback_')
+ $callback = $callable = FALSE;
+ if (is_string($rule))
{
- $rule = substr($rule, 9);
- $callback = TRUE;
+ if (strpos($rule, 'callback_') === 0)
+ {
+ $rule = substr($rule, 9);
+ $callback = TRUE;
+ }
+ }
+ elseif (is_callable($rule))
+ {
+ $callable = TRUE;
+ }
+ elseif (is_array($rule) && isset($rule[0], $rule[1]) && is_callable($rule[1]))
+ {
+ // We have a "named" callable, so save the name
+ $callable = $rule[0];
+ $rule = $rule[1];
}
// Strip the parameter (if exists) from the rule
// Rules can contain a parameter: max_length[5]
$param = FALSE;
- if (preg_match("/(.*?)\[(.*)\]/", $rule, $match))
+ if ( ! $callable && preg_match('/(.*?)\[(.*)\]/', $rule, $match))
{
- $rule = $match[1];
- $param = $match[2];
+ $rule = $match[1];
+ $param = $match[2];
+ }
+
+ // Ignore empty, non-required inputs with a few exceptions ...
+ if (
+ ($postdata === NULL OR $postdata === '')
+ && $callback === FALSE
+ && $callable === FALSE
+ && ! in_array($rule, array('required', 'isset', 'matches'), TRUE)
+ )
+ {
+ continue;
}
// Call the function that corresponds to the rule
- if ($callback === TRUE)
+ if ($callback OR $callable !== FALSE)
{
- if ( ! method_exists($this->CI, $rule))
+ if ($callback)
{
- continue;
+ if ( ! method_exists($this->CI, $rule))
+ {
+ log_message('debug', 'Unable to find callback validation rule: '.$rule);
+ $result = FALSE;
+ }
+ else
+ {
+ // Run the function and grab the result
+ $result = $this->CI->$rule($postdata, $param);
+ }
}
+ else
+ {
+ $result = is_array($rule)
+ ? $rule[0]->{$rule[1]}($postdata)
+ : $rule($postdata);
- // Run the function and grab the result
- $result = $this->CI->$rule($postdata, $param);
+ // Is $callable set to a rule name?
+ if ($callable !== FALSE)
+ {
+ $rule = $callable;
+ }
+ }
// Re-assign the result to the master data array
- if ($_in_array == TRUE)
+ if ($_in_array === TRUE)
{
- $this->_field_data[$row['field']]['postdata'][$cycles] = (is_bool($result)) ? $postdata : $result;
+ $this->_field_data[$row['field']]['postdata'][$cycles] = is_bool($result) ? $postdata : $result;
}
else
{
- $this->_field_data[$row['field']]['postdata'] = (is_bool($result)) ? $postdata : $result;
- }
-
- // If the field isn't required and we just processed a callback we'll move on...
- if ( ! in_array('required', $rules, TRUE) AND $result !== FALSE)
- {
- continue;
+ $this->_field_data[$row['field']]['postdata'] = is_bool($result) ? $postdata : $result;
}
}
- else
+ elseif ( ! method_exists($this, $rule))
{
- if ( ! method_exists($this, $rule))
+ // If our own wrapper function doesn't exist we see if a native PHP function does.
+ // Users can use any native PHP function call that has one param.
+ if (function_exists($rule))
{
- // If our own wrapper function doesn't exist we see if a native PHP function does.
- // Users can use any native PHP function call that has one param.
- if (function_exists($rule))
- {
- $result = $rule($postdata);
+ // Native PHP functions issue warnings if you pass them more parameters than they use
+ $result = ($param !== FALSE) ? $rule($postdata, $param) : $rule($postdata);
- if ($_in_array == TRUE)
- {
- $this->_field_data[$row['field']]['postdata'][$cycles] = (is_bool($result)) ? $postdata : $result;
- }
- else
- {
- $this->_field_data[$row['field']]['postdata'] = (is_bool($result)) ? $postdata : $result;
- }
+ if ($_in_array === TRUE)
+ {
+ $this->_field_data[$row['field']]['postdata'][$cycles] = is_bool($result) ? $postdata : $result;
}
else
{
- log_message('debug', "Unable to find validation rule: ".$rule);
+ $this->_field_data[$row['field']]['postdata'] = is_bool($result) ? $postdata : $result;
}
-
- continue;
}
-
+ else
+ {
+ log_message('debug', 'Unable to find validation rule: '.$rule);
+ $result = FALSE;
+ }
+ }
+ else
+ {
$result = $this->$rule($postdata, $param);
- if ($_in_array == TRUE)
+ if ($_in_array === TRUE)
{
- $this->_field_data[$row['field']]['postdata'][$cycles] = (is_bool($result)) ? $postdata : $result;
+ $this->_field_data[$row['field']]['postdata'][$cycles] = is_bool($result) ? $postdata : $result;
}
else
{
- $this->_field_data[$row['field']]['postdata'] = (is_bool($result)) ? $postdata : $result;
+ $this->_field_data[$row['field']]['postdata'] = is_bool($result) ? $postdata : $result;
}
}
- // Did the rule test negatively? If so, grab the error.
+ // Did the rule test negatively? If so, grab the error.
if ($result === FALSE)
{
- if ( ! isset($this->_error_messages[$rule]))
+ // Callable rules might not have named error messages
+ if ( ! is_string($rule))
{
- if (FALSE === ($line = $this->CI->lang->line($rule)))
- {
- $line = 'Unable to access an error message corresponding to your field name.';
- }
+ $line = $this->CI->lang->line('form_validation_error_message_not_set').'(Anonymous function)';
}
else
{
- $line = $this->_error_messages[$rule];
+ $line = $this->_get_error_message($rule, $row['field']);
}
// Is the parameter we are inserting into the error message the name
- // of another field? If so we need to grab its "field label"
- if (isset($this->_field_data[$param]) AND isset($this->_field_data[$param]['label']))
+ // of another field? If so we need to grab its "field label"
+ if (isset($this->_field_data[$param], $this->_field_data[$param]['label']))
{
$param = $this->_translate_fieldname($this->_field_data[$param]['label']);
}
// Build the error message
- $message = sprintf($line, $this->_translate_fieldname($row['label']), $param);
+ $message = $this->_build_error_msg($line, $this->_translate_fieldname($row['label']), $param);
// Save the error message
$this->_field_data[$row['field']]['error'] = $message;
@@ -688,26 +823,52 @@ class CI_Form_validation {
// --------------------------------------------------------------------
/**
+ * Get the error message for the rule
+ *
+ * @param string $rule The rule name
+ * @param string $field The field name
+ * @return string
+ */
+ protected function _get_error_message($rule, $field)
+ {
+ // check if a custom message is defined through validation config row.
+ if (isset($this->_field_data[$field]['errors'][$rule]))
+ {
+ return $this->_field_data[$field]['errors'][$rule];
+ }
+ // check if a custom message has been set using the set_message() function
+ elseif (isset($this->_error_messages[$rule]))
+ {
+ return $this->_error_messages[$rule];
+ }
+ elseif (FALSE !== ($line = $this->CI->lang->line('form_validation_'.$rule)))
+ {
+ return $line;
+ }
+ // DEPRECATED support for non-prefixed keys, lang file again
+ elseif (FALSE !== ($line = $this->CI->lang->line($rule, FALSE)))
+ {
+ return $line;
+ }
+
+ return $this->CI->lang->line('form_validation_error_message_not_set').'('.$rule.')';
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Translate a field name
*
- * @access private
* @param string the field name
* @return string
*/
protected function _translate_fieldname($fieldname)
{
- // Do we need to translate the field name?
- // We look for the prefix lang: to determine this
- if (substr($fieldname, 0, 5) == 'lang:')
+ // Do we need to translate the field name? We look for the prefix 'lang:' to determine this
+ // If we find one, but there's no translation for the string - just return it
+ if (sscanf($fieldname, 'lang:%s', $line) === 1 && FALSE === ($fieldname = $this->CI->lang->line($line, FALSE)))
{
- // Grab the variable
- $line = substr($fieldname, 5);
-
- // Were we able to translate the field name? If not we use $line
- if (FALSE === ($fieldname = $this->CI->lang->line($line)))
- {
- return $line;
- }
+ return $line;
}
return $fieldname;
@@ -716,25 +877,60 @@ class CI_Form_validation {
// --------------------------------------------------------------------
/**
+ * Build an error message using the field and param.
+ *
+ * @param string The error message line
+ * @param string A field's human name
+ * @param mixed A rule's optional parameter
+ * @return string
+ */
+ protected function _build_error_msg($line, $field = '', $param = '')
+ {
+ // Check for %s in the string for legacy support.
+ if (strpos($line, '%s') !== FALSE)
+ {
+ return sprintf($line, $field, $param);
+ }
+
+ return str_replace(array('{field}', '{param}'), array($field, $param), $line);
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Checks if the rule is present within the validator
+ *
+ * Permits you to check if a rule is present within the validator
+ *
+ * @param string the field name
+ * @return bool
+ */
+ public function has_rule($field)
+ {
+ return isset($this->_field_data[$field]);
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Get the value from a form
*
* Permits you to repopulate a form field with the value it was submitted
* with, or, if that value doesn't exist, with the default
*
- * @access public
* @param string the field name
* @param string
- * @return void
+ * @return string
*/
public function set_value($field = '', $default = '')
{
- if ( ! isset($this->_field_data[$field]))
+ if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata']))
{
return $default;
}
// If the data is an array output them one at a time.
- // E.g: form_input('name[]', set_value('name[]');
+ // E.g: form_input('name[]', set_value('name[]');
if (is_array($this->_field_data[$field]['postdata']))
{
return array_shift($this->_field_data[$field]['postdata']);
@@ -751,37 +947,36 @@ class CI_Form_validation {
* Enables pull-down lists to be set to the value the user
* selected in the event of an error
*
- * @access public
* @param string
* @param string
+ * @param bool
* @return string
*/
public function set_select($field = '', $value = '', $default = FALSE)
{
- if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata']))
+ if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata']))
{
- if ($default === TRUE AND count($this->_field_data) === 0)
- {
- return ' selected="selected"';
- }
- return '';
+ return ($default === TRUE && count($this->_field_data) === 0) ? ' selected="selected"' : '';
}
$field = $this->_field_data[$field]['postdata'];
-
+ $value = (string) $value;
if (is_array($field))
{
- if ( ! in_array($value, $field))
+ // Note: in_array('', array(0)) returns TRUE, do not use it
+ foreach ($field as &$v)
{
- return '';
+ if ($value === $v)
+ {
+ return ' selected="selected"';
+ }
}
+
+ return '';
}
- else
+ elseif (($field === '' OR $value === '') OR ($field !== $value))
{
- if (($field == '' OR $value == '') OR ($field != $value))
- {
- return '';
- }
+ return '';
}
return ' selected="selected"';
@@ -795,37 +990,36 @@ class CI_Form_validation {
* Enables radio buttons to be set to the value the user
* selected in the event of an error
*
- * @access public
* @param string
* @param string
+ * @param bool
* @return string
*/
public function set_radio($field = '', $value = '', $default = FALSE)
{
- if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata']))
+ if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata']))
{
- if ($default === TRUE AND count($this->_field_data) === 0)
- {
- return ' checked="checked"';
- }
- return '';
+ return ($default === TRUE && count($this->_field_data) === 0) ? ' checked="checked"' : '';
}
$field = $this->_field_data[$field]['postdata'];
-
+ $value = (string) $value;
if (is_array($field))
{
- if ( ! in_array($value, $field))
+ // Note: in_array('', array(0)) returns TRUE, do not use it
+ foreach ($field as &$v)
{
- return '';
+ if ($value === $v)
+ {
+ return ' checked="checked"';
+ }
}
+
+ return '';
}
- else
+ elseif (($field === '' OR $value === '') OR ($field !== $value))
{
- if (($field == '' OR $value == '') OR ($field != $value))
- {
- return '';
- }
+ return '';
}
return ' checked="checked"';
@@ -839,40 +1033,15 @@ class CI_Form_validation {
* Enables checkboxes to be set to the value the user
* selected in the event of an error
*
- * @access public
* @param string
* @param string
+ * @param bool
* @return string
*/
public function set_checkbox($field = '', $value = '', $default = FALSE)
{
- if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata']))
- {
- if ($default === TRUE AND count($this->_field_data) === 0)
- {
- return ' checked="checked"';
- }
- return '';
- }
-
- $field = $this->_field_data[$field]['postdata'];
-
- if (is_array($field))
- {
- if ( ! in_array($value, $field))
- {
- return '';
- }
- }
- else
- {
- if (($field == '' OR $value == '') OR ($field != $value))
- {
- return '';
- }
- }
-
- return ' checked="checked"';
+ // Logic is exactly the same as for radio fields
+ return $this->set_radio($field, $value, $default);
}
// --------------------------------------------------------------------
@@ -880,20 +1049,14 @@ class CI_Form_validation {
/**
* Required
*
- * @access public
* @param string
* @return bool
*/
public function required($str)
{
- if ( ! is_array($str))
- {
- return (trim($str) == '') ? FALSE : TRUE;
- }
- else
- {
- return ( ! empty($str));
- }
+ return is_array($str)
+ ? (empty($str) === FALSE)
+ : (trim($str) !== '');
}
// --------------------------------------------------------------------
@@ -901,19 +1064,13 @@ class CI_Form_validation {
/**
* Performs a Regular Expression match test.
*
- * @access public
* @param string
- * @param regex
+ * @param string regex
* @return bool
*/
public function regex_match($str, $regex)
{
- if ( ! preg_match($regex, $str))
- {
- return FALSE;
- }
-
- return TRUE;
+ return (bool) preg_match($regex, $str);
}
// --------------------------------------------------------------------
@@ -921,64 +1078,68 @@ class CI_Form_validation {
/**
* Match one field to another
*
- * @access public
- * @param string
- * @param field
+ * @param string $str string to compare against
+ * @param string $field
* @return bool
*/
public function matches($str, $field)
{
- if ( ! isset($_POST[$field]))
- {
- return FALSE;
- }
+ return isset($this->_field_data[$field], $this->_field_data[$field]['postdata'])
+ ? ($str === $this->_field_data[$field]['postdata'])
+ : FALSE;
+ }
- $field = $_POST[$field];
+ // --------------------------------------------------------------------
- return ($str !== $field) ? FALSE : TRUE;
+ /**
+ * Differs from another field
+ *
+ * @param string
+ * @param string field
+ * @return bool
+ */
+ public function differs($str, $field)
+ {
+ return ! (isset($this->_field_data[$field]) && $this->_field_data[$field]['postdata'] === $str);
}
-
+
// --------------------------------------------------------------------
/**
- * Match one field to another
+ * Is Unique
*
- * @access public
- * @param string
- * @param field
+ * Check if the input value doesn't already exist
+ * in the specified database field.
+ *
+ * @param string $str
+ * @param string $field
* @return bool
*/
public function is_unique($str, $field)
{
- list($table, $field)=explode('.', $field);
- $query = $this->CI->db->limit(1)->get_where($table, array($field => $str));
-
- return $query->num_rows() === 0;
- }
+ sscanf($field, '%[^.].%[^.]', $table, $field);
+ return isset($this->CI->db)
+ ? ($this->CI->db->limit(1)->get_where($table, array($field => $str))->num_rows() === 0)
+ : FALSE;
+ }
// --------------------------------------------------------------------
/**
* Minimum Length
*
- * @access public
* @param string
- * @param value
+ * @param string
* @return bool
*/
public function min_length($str, $val)
{
- if (preg_match("/[^0-9]/", $val))
+ if ( ! is_numeric($val))
{
return FALSE;
}
- if (function_exists('mb_strlen'))
- {
- return (mb_strlen($str) < $val) ? FALSE : TRUE;
- }
-
- return (strlen($str) < $val) ? FALSE : TRUE;
+ return ($val <= mb_strlen($str));
}
// --------------------------------------------------------------------
@@ -986,24 +1147,18 @@ class CI_Form_validation {
/**
* Max Length
*
- * @access public
* @param string
- * @param value
+ * @param string
* @return bool
*/
public function max_length($str, $val)
{
- if (preg_match("/[^0-9]/", $val))
+ if ( ! is_numeric($val))
{
return FALSE;
}
- if (function_exists('mb_strlen'))
- {
- return (mb_strlen($str) > $val) ? FALSE : TRUE;
- }
-
- return (strlen($str) > $val) ? FALSE : TRUE;
+ return ($val >= mb_strlen($str));
}
// --------------------------------------------------------------------
@@ -1011,24 +1166,57 @@ class CI_Form_validation {
/**
* Exact Length
*
- * @access public
* @param string
- * @param value
+ * @param string
* @return bool
*/
public function exact_length($str, $val)
{
- if (preg_match("/[^0-9]/", $val))
+ if ( ! is_numeric($val))
{
return FALSE;
}
- if (function_exists('mb_strlen'))
+ return (mb_strlen($str) === (int) $val);
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Valid URL
+ *
+ * @param string $str
+ * @return bool
+ */
+ public function valid_url($str)
+ {
+ if (empty($str))
{
- return (mb_strlen($str) != $val) ? FALSE : TRUE;
+ return FALSE;
+ }
+ elseif (preg_match('/^(?:([^:]*)\:)?\/\/(.+)$/', $str, $matches))
+ {
+ if (empty($matches[2]))
+ {
+ return FALSE;
+ }
+ elseif ( ! in_array(strtolower($matches[1]), array('http', 'https'), TRUE))
+ {
+ return FALSE;
+ }
+
+ $str = $matches[2];
}
- return (strlen($str) != $val) ? FALSE : TRUE;
+ // PHP 7 accepts IPv6 addresses within square brackets as hostnames,
+ // but it appears that the PR that came in with https://bugs.php.net/bug.php?id=68039
+ // was never merged into a PHP 5 branch ... https://3v4l.org/8PsSN
+ if (preg_match('/^\[([^\]]+)\]/', $str, $matches) && ! is_php('7') && filter_var($matches[1], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== FALSE)
+ {
+ $str = 'ipv6.host'.substr($str, strlen($matches[1]) + 2);
+ }
+
+ return (filter_var('http://'.$str, FILTER_VALIDATE_URL) !== FALSE);
}
// --------------------------------------------------------------------
@@ -1036,13 +1224,17 @@ class CI_Form_validation {
/**
* Valid Email
*
- * @access public
* @param string
* @return bool
*/
public function valid_email($str)
{
- return ( ! preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE;
+ if (function_exists('idn_to_ascii') && preg_match('#\A([^@]+)@(.+)\z#', $str, $matches))
+ {
+ $str = $matches[1].'@'.idn_to_ascii($matches[2]);
+ }
+
+ return (bool) filter_var($str, FILTER_VALIDATE_EMAIL);
}
// --------------------------------------------------------------------
@@ -1050,7 +1242,6 @@ class CI_Form_validation {
/**
* Valid Emails
*
- * @access public
* @param string
* @return bool
*/
@@ -1063,7 +1254,7 @@ class CI_Form_validation {
foreach (explode(',', $str) as $email)
{
- if (trim($email) != '' && $this->valid_email(trim($email)) === FALSE)
+ if (trim($email) !== '' && $this->valid_email(trim($email)) === FALSE)
{
return FALSE;
}
@@ -1077,10 +1268,9 @@ class CI_Form_validation {
/**
* Validate IP Address
*
- * @access public
* @param string
- * @param string "ipv4" or "ipv6" to validate a specific ip format
- * @return string
+ * @param string 'ipv4' or 'ipv6' to validate a specific IP format
+ * @return bool
*/
public function valid_ip($ip, $which = '')
{
@@ -1092,13 +1282,12 @@ class CI_Form_validation {
/**
* Alpha
*
- * @access public
* @param string
* @return bool
*/
public function alpha($str)
{
- return ( ! preg_match("/^([a-z])+$/i", $str)) ? FALSE : TRUE;
+ return ctype_alpha($str);
}
// --------------------------------------------------------------------
@@ -1106,56 +1295,52 @@ class CI_Form_validation {
/**
* Alpha-numeric
*
- * @access public
* @param string
* @return bool
*/
public function alpha_numeric($str)
{
- return ( ! preg_match("/^([a-z0-9])+$/i", $str)) ? FALSE : TRUE;
+ return ctype_alnum((string) $str);
}
// --------------------------------------------------------------------
/**
- * Alpha-numeric with underscores and dashes
+ * Alpha-numeric w/ spaces
*
- * @access public
* @param string
* @return bool
*/
- public function alpha_dash($str)
+ public function alpha_numeric_spaces($str)
{
- return ( ! preg_match("/^([-a-z0-9_-])+$/i", $str)) ? FALSE : TRUE;
+ return (bool) preg_match('/^[A-Z0-9 ]+$/i', $str);
}
// --------------------------------------------------------------------
/**
- * Numeric
+ * Alpha-numeric with underscores and dashes
*
- * @access public
* @param string
* @return bool
*/
- public function numeric($str)
+ public function alpha_dash($str)
{
- return (bool)preg_match( '/^[\-+]?[0-9]*\.?[0-9]+$/', $str);
-
+ return (bool) preg_match('/^[a-z0-9_-]+$/i', $str);
}
// --------------------------------------------------------------------
/**
- * Is Numeric
+ * Numeric
*
- * @access public
* @param string
* @return bool
*/
- public function is_numeric($str)
+ public function numeric($str)
{
- return ( ! is_numeric($str)) ? FALSE : TRUE;
+ return (bool) preg_match('/^[\-+]?[0-9]*\.?[0-9]+$/', $str);
+
}
// --------------------------------------------------------------------
@@ -1163,7 +1348,6 @@ class CI_Form_validation {
/**
* Integer
*
- * @access public
* @param string
* @return bool
*/
@@ -1177,7 +1361,6 @@ class CI_Form_validation {
/**
* Decimal number
*
- * @access public
* @param string
* @return bool
*/
@@ -1189,19 +1372,29 @@ class CI_Form_validation {
// --------------------------------------------------------------------
/**
- * Greather than
+ * Greater than
*
- * @access public
* @param string
+ * @param int
* @return bool
*/
public function greater_than($str, $min)
{
- if ( ! is_numeric($str))
- {
- return FALSE;
- }
- return $str > $min;
+ return is_numeric($str) ? ($str > $min) : FALSE;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Equal to or Greater than
+ *
+ * @param string
+ * @param int
+ * @return bool
+ */
+ public function greater_than_equal_to($str, $min)
+ {
+ return is_numeric($str) ? ($str >= $min) : FALSE;
}
// --------------------------------------------------------------------
@@ -1209,17 +1402,41 @@ class CI_Form_validation {
/**
* Less than
*
- * @access public
* @param string
+ * @param int
* @return bool
*/
public function less_than($str, $max)
{
- if ( ! is_numeric($str))
- {
- return FALSE;
- }
- return $str < $max;
+ return is_numeric($str) ? ($str < $max) : FALSE;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Equal to or Less than
+ *
+ * @param string
+ * @param int
+ * @return bool
+ */
+ public function less_than_equal_to($str, $max)
+ {
+ return is_numeric($str) ? ($str <= $max) : FALSE;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Value should be within an array of values
+ *
+ * @param string
+ * @param string
+ * @return bool
+ */
+ public function in_list($value, $list)
+ {
+ return in_array($value, explode(',', $list), TRUE);
}
// --------------------------------------------------------------------
@@ -1227,13 +1444,12 @@ class CI_Form_validation {
/**
* Is a Natural number (0,1,2,3, etc.)
*
- * @access public
* @param string
* @return bool
*/
public function is_natural($str)
{
- return (bool) preg_match( '/^[0-9]+$/', $str);
+ return ctype_digit((string) $str);
}
// --------------------------------------------------------------------
@@ -1241,23 +1457,12 @@ class CI_Form_validation {
/**
* Is a Natural number, but not a zero (1,2,3, etc.)
*
- * @access public
* @param string
* @return bool
*/
public function is_natural_no_zero($str)
{
- if ( ! preg_match( '/^[0-9]+$/', $str))
- {
- return FALSE;
- }
-
- if ($str == 0)
- {
- return FALSE;
- }
-
- return TRUE;
+ return ($str != 0 && ctype_digit((string) $str));
}
// --------------------------------------------------------------------
@@ -1268,13 +1473,12 @@ class CI_Form_validation {
* Tests a string for characters outside of the Base64 alphabet
* as defined by RFC 2045 http://www.faqs.org/rfcs/rfc2045
*
- * @access public
* @param string
* @return bool
*/
public function valid_base64($str)
{
- return (bool) ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str);
+ return (base64_encode(base64_decode($str)) === $str);
}
// --------------------------------------------------------------------
@@ -1285,12 +1489,17 @@ class CI_Form_validation {
* This function allows HTML to be safely shown in a form.
* Special characters are converted.
*
- * @access public
- * @param string
- * @return string
+ * @deprecated 3.0.6 Not used anywhere within the framework and pretty much useless
+ * @param mixed $data Input data
+ * @return mixed
*/
- public function prep_for_form($data = '')
+ public function prep_for_form($data)
{
+ if ($this->_safe_form_data === FALSE OR empty($data))
+ {
+ return $data;
+ }
+
if (is_array($data))
{
foreach ($data as $key => $val)
@@ -1301,12 +1510,7 @@ class CI_Form_validation {
return $data;
}
- if ($this->_safe_form_data == FALSE OR $data === '')
- {
- return $data;
- }
-
- return str_replace(array("'", '"', '<', '>'), array("&#39;", "&quot;", '&lt;', '&gt;'), stripslashes($data));
+ return str_replace(array("'", '"', '<', '>'), array('&#39;', '&quot;', '&lt;', '&gt;'), stripslashes($data));
}
// --------------------------------------------------------------------
@@ -1314,20 +1518,19 @@ class CI_Form_validation {
/**
* Prep URL
*
- * @access public
* @param string
* @return string
*/
public function prep_url($str = '')
{
- if ($str == 'http://' OR $str == '')
+ if ($str === 'http://' OR $str === '')
{
return '';
}
- if (substr($str, 0, 7) != 'http://' && substr($str, 0, 8) != 'https://')
+ if (strpos($str, 'http://') !== 0 && strpos($str, 'https://') !== 0)
{
- $str = 'http://'.$str;
+ return 'http://'.$str;
}
return $str;
@@ -1338,45 +1541,44 @@ class CI_Form_validation {
/**
* Strip Image Tags
*
- * @access public
* @param string
* @return string
*/
public function strip_image_tags($str)
{
- return $this->CI->input->strip_image_tags($str);
+ return $this->CI->security->strip_image_tags($str);
}
// --------------------------------------------------------------------
/**
- * XSS Clean
+ * Convert PHP tags to entities
*
- * @access public
* @param string
* @return string
*/
- public function xss_clean($str)
+ public function encode_php_tags($str)
{
- return $this->CI->security->xss_clean($str);
+ return str_replace(array('<?', '?>'), array('&lt;?', '?&gt;'), $str);
}
// --------------------------------------------------------------------
/**
- * Convert PHP tags to entities
+ * Reset validation vars
*
- * @access public
- * @param string
- * @return string
+ * Prevents subsequent validation routines from being affected by the
+ * results of any previous validation routine due to the CI singleton.
+ *
+ * @return CI_Form_validation
*/
- public function encode_php_tags($str)
+ public function reset_validation()
{
- return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
+ $this->_field_data = array();
+ $this->_error_array = array();
+ $this->_error_messages = array();
+ $this->error_string = '';
+ return $this;
}
}
-// END Form Validation Class
-
-/* End of file Form_validation.php */
-/* Location: ./system/libraries/Form_validation.php */