diff options
Diffstat (limited to 'system/libraries/Form_validation.php')
| -rw-r--r-- | system/libraries/Form_validation.php | 755 |
1 files changed, 397 insertions, 358 deletions
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index a34809e05..b490a34ca 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1,48 +1,133 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer + * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource */ -// ------------------------------------------------------------------------ - /** * Form Validation Class * * @package CodeIgniter * @subpackage Libraries * @category Validation - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/form_validation.html */ class CI_Form_validation { + /** + * Reference to the CodeIgniter instance + * + * @var object + */ protected $CI; - protected $_field_data = array(); - protected $_config_rules = array(); - protected $_error_array = array(); - protected $_error_messages = array(); - protected $_error_prefix = '<p>'; - protected $_error_suffix = '</p>'; - protected $error_string = ''; - protected $_safe_form_data = FALSE; /** - * Constructor + * Validation data for the current form submission + * + * @var array + */ + protected $_field_data = array(); + + /** + * Validation rules for the current form + * + * @var array + */ + protected $_config_rules = array(); + + /** + * Array of validation errors + * + * @var array + */ + protected $_error_array = array(); + + /** + * Array of custom error messages + * + * @var array + */ + protected $_error_messages = array(); + + /** + * Start tag for error wrapping + * + * @var string + */ + protected $_error_prefix = '<p>'; + + /** + * End tag for error wrapping + * + * @var string + */ + protected $_error_suffix = '</p>'; + + /** + * Custom error message + * + * @var string + */ + protected $error_string = ''; + + /** + * Whether the form data has been validated as safe + * + * @var bool + */ + protected $_safe_form_data = FALSE; + + /** + * Custom data to validate + * + * @var array + */ + protected $validation_data = array(); + + /** + * Initialize Form_Validation class + * + * @param array $rules + * @return void */ public function __construct($rules = array()) { $this->CI =& get_instance(); + // applies delimiters set in config file. + if (isset($rules['error_prefix'])) + { + $this->_error_prefix = $rules['error_prefix']; + unset($rules['error_prefix']); + } + if (isset($rules['error_suffix'])) + { + $this->_error_suffix = $rules['error_suffix']; + unset($rules['error_suffix']); + } + // Validation rules can be stored in a config file. $this->_config_rules = $rules; @@ -50,12 +135,12 @@ class CI_Form_validation { $this->CI->load->helper('form'); // Set the character encoding in MB. - if (function_exists('mb_internal_encoding')) + if (MB_ENABLED === TRUE) { mb_internal_encoding($this->CI->config->item('charset')); } - log_message('debug', "Form Validation Class Initialized"); + log_message('debug', 'Form Validation Class Initialized'); } // -------------------------------------------------------------------- @@ -66,64 +151,71 @@ class CI_Form_validation { * This function takes an array of field names and validation * rules as input, validates the info, and stores it * - * @access public - * @param mixed - * @param string - * @return void + * @param mixed $field + * @param string $label + * @param mixed $rules + * @return object */ public function set_rules($field, $label = '', $rules = '') { // No reason to set rules if we have no POST data - if (count($_POST) == 0) + // or a validation array has not been specified + if ($this->CI->input->method() !== 'post' && empty($this->validation_data)) { return $this; } - // If an array was passed via the first parameter instead of indidual string + // If an array was passed via the first parameter instead of individual string // values we cycle through it and recursively call this function. if (is_array($field)) { foreach ($field as $row) { // Houston, we have a problem... - if ( ! isset($row['field']) OR ! isset($row['rules'])) + if ( ! isset($row['field'], $row['rules'])) { continue; } // If the field label wasn't passed we use the field name - $label = ( ! isset($row['label'])) ? $row['field'] : $row['label']; + $label = isset($row['label']) ? $row['label'] : $row['field']; // Here we go! $this->set_rules($row['field'], $label, $row['rules']); } + return $this; } + // Convert an array of rules to a string + if (is_array($rules)) + { + $rules = implode('|', $rules); + } + // No fields? Nothing to do... - if ( ! is_string($field) OR ! is_string($rules) OR $field == '') + if ( ! is_string($field) OR ! is_string($rules) OR $field === '') { return $this; } // If the field label wasn't passed we use the field name - $label = ($label == '') ? $field : $label; + $label = ($label === '') ? $field : $label; - // Is the field name an array? We test for the existence of a bracket "[" in - // the field name to determine this. If it is an array, we break it apart + // Is the field name an array? If it is an array, we break it apart // into its components so that we can fetch the corresponding POST data later - if (strpos($field, '[') !== FALSE AND preg_match_all('/\[(.*?)\]/', $field, $matches)) + if (preg_match_all('/\[(.*?)\]/', $field, $matches)) { // Note: Due to a bug in current() that affects some versions // of PHP we can not pass function call directly into it $x = explode('[', $field); $indexes[] = current($x); - for ($i = 0; $i < count($matches['0']); $i++) + for ($i = 0, $c = count($matches[0]); $i < $c; $i++) { - if ($matches['1'][$i] != '') + if ($matches[1][$i] !== '') { - $indexes[] = $matches['1'][$i]; + $indexes[] = $matches[1][$i]; } } @@ -137,13 +229,13 @@ class CI_Form_validation { // Build our master array $this->_field_data[$field] = array( - 'field' => $field, - 'label' => $label, - 'rules' => $rules, - 'is_array' => $is_array, - 'keys' => $indexes, - 'postdata' => NULL, - 'error' => '' + 'field' => $field, + 'label' => $label, + 'rules' => $rules, + 'is_array' => $is_array, + 'keys' => $indexes, + 'postdata' => NULL, + 'error' => '' ); return $this; @@ -152,15 +244,37 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** + * By default, form validation uses the $_POST array to validate + * + * If an array is set through this method, then this array will + * be used instead of the $_POST array + * + * Note that if you are validating multiple arrays, then the + * reset_validation() function should be called after validating + * each array due to the limitations of CI's singleton + * + * @param array $data + * @return void + */ + public function set_data($data = '') + { + if ( ! empty($data) && is_array($data)) + { + $this->validation_data = $data; + } + } + + // -------------------------------------------------------------------- + + /** * Set Error Message * - * Lets users set their own error messages on the fly. Note: The key - * name has to match the function name that it corresponds to. + * Lets users set their own error messages on the fly. Note: + * The key name has to match the function name that it corresponds to. * - * @access public - * @param string + * @param array * @param string - * @return string + * @return object */ public function set_message($lang, $val = '') { @@ -170,7 +284,6 @@ class CI_Form_validation { } $this->_error_messages = array_merge($this->_error_messages, $lang); - return $this; } @@ -181,16 +294,14 @@ class CI_Form_validation { * * Permits a prefix/suffix to be added to each error message * - * @access public * @param string * @param string - * @return void + * @return object */ public function set_error_delimiters($prefix = '<p>', $suffix = '</p>') { $this->_error_prefix = $prefix; $this->_error_suffix = $suffix; - return $this; } @@ -201,23 +312,24 @@ class CI_Form_validation { * * Gets the error message associated with a particular field * - * @access public * @param string the field name - * @return void + * @param string the html start tag + * @param strign the html end tag + * @return string */ public function error($field = '', $prefix = '', $suffix = '') { - if ( ! isset($this->_field_data[$field]['error']) OR $this->_field_data[$field]['error'] == '') + if (empty($this->_field_data[$field]['error'])) { return ''; } - if ($prefix == '') + if ($prefix === '') { $prefix = $this->_error_prefix; } - if ($suffix == '') + if ($suffix === '') { $suffix = $this->_error_suffix; } @@ -228,14 +340,27 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** + * Get Array of Error Messages + * + * Returns the error messages as an array + * + * @return array + */ + public function error_array() + { + return $this->_error_array; + } + + // -------------------------------------------------------------------- + + /** * Error String * * Returns the error messages as a string, wrapped in the error delimiters * - * @access public * @param string * @param string - * @return str + * @return string */ public function error_string($prefix = '', $suffix = '') { @@ -245,12 +370,12 @@ class CI_Form_validation { return ''; } - if ($prefix == '') + if ($prefix === '') { $prefix = $this->_error_prefix; } - if ($suffix == '') + if ($suffix === '') { $suffix = $this->_error_suffix; } @@ -259,7 +384,7 @@ class CI_Form_validation { $str = ''; foreach ($this->_error_array as $val) { - if ($val != '') + if ($val !== '') { $str .= $prefix.$val.$suffix."\n"; } @@ -275,31 +400,32 @@ class CI_Form_validation { * * This function does all the work. * - * @access public + * @param string $group * @return bool */ public function run($group = '') { // Do we even have any data to process? Mm? - if (count($_POST) == 0) + $validation_array = empty($this->validation_data) ? $_POST : $this->validation_data; + if (count($validation_array) === 0) { return FALSE; } // Does the _field_data array containing the validation rules exist? // If not, we look to see if they were assigned via a config file - if (count($this->_field_data) == 0) + if (count($this->_field_data) === 0) { // No validation rules? We're done... - if (count($this->_config_rules) == 0) + if (count($this->_config_rules) === 0) { return FALSE; } // Is there a validation rule for the particular URI being accessed? - $uri = ($group == '') ? trim($this->CI->uri->ruri_string(), '/') : $group; + $uri = ($group === '') ? trim($this->CI->uri->ruri_string(), '/') : $group; - if ($uri != '' AND isset($this->_config_rules[$uri])) + if ($uri !== '' && isset($this->_config_rules[$uri])) { $this->set_rules($this->_config_rules[$uri]); } @@ -308,10 +434,10 @@ class CI_Form_validation { $this->set_rules($this->_config_rules); } - // We're we able to set the rules correctly? - if (count($this->_field_data) == 0) + // Were we able to set the rules correctly? + if (count($this->_field_data) === 0) { - log_message('debug', "Unable to find validation rules"); + log_message('debug', 'Unable to find validation rules'); return FALSE; } } @@ -323,19 +449,21 @@ class CI_Form_validation { // corresponding $_POST item and test for errors foreach ($this->_field_data as $field => $row) { - // Fetch the data from the corresponding $_POST array and cache it in the _field_data array. + // Fetch the data from the corresponding $_POST or validation array and cache it in the _field_data array. // Depending on whether the field name is an array or a string will determine where we get it from. - - if ($row['is_array'] == TRUE) + if ($row['is_array'] === TRUE) { - $this->_field_data[$field]['postdata'] = $this->_reduce_array($_POST, $row['keys']); + $this->_field_data[$field]['postdata'] = $this->_reduce_array($validation_array, $row['keys']); } - else + elseif (isset($validation_array[$field]) && $validation_array[$field] !== '') { - if (isset($_POST[$field]) AND $_POST[$field] != "") - { - $this->_field_data[$field]['postdata'] = $_POST[$field]; - } + $this->_field_data[$field]['postdata'] = $validation_array[$field]; + } + + // Don't try to validate if we have no rules set + if (empty($row['rules'])) + { + continue; } $this->_execute($row, explode('|', $row['rules']), $this->_field_data[$field]['postdata']); @@ -343,7 +471,6 @@ class CI_Form_validation { // Did we end up with any errors? $total_errors = count($this->_error_array); - if ($total_errors > 0) { $this->_safe_form_data = TRUE; @@ -352,14 +479,7 @@ class CI_Form_validation { // Now we need to re-set the POST data with the new, processed data $this->_reset_post_array(); - // No errors, validation passes! - if ($total_errors == 0) - { - return TRUE; - } - - // Validation fails - return FALSE; + return ($total_errors === 0); } // -------------------------------------------------------------------- @@ -367,31 +487,16 @@ class CI_Form_validation { /** * Traverse a multidimensional $_POST array index until the data is found * - * @access private * @param array * @param array - * @param integer + * @param int * @return mixed */ protected function _reduce_array($array, $keys, $i = 0) { - if (is_array($array)) + if (is_array($array) && isset($keys[$i])) { - if (isset($keys[$i])) - { - if (isset($array[$keys[$i]])) - { - $array = $this->_reduce_array($array[$keys[$i]], $keys, ($i+1)); - } - else - { - return NULL; - } - } - else - { - return $array; - } + return isset($array[$keys[$i]]) ? $this->_reduce_array($array[$keys[$i]], $keys, ($i+1)) : NULL; } return $array; @@ -402,8 +507,7 @@ class CI_Form_validation { /** * Re-populate the _POST array with our finalized and processed data * - * @access private - * @return null + * @return void */ protected function _reset_post_array() { @@ -411,7 +515,7 @@ class CI_Form_validation { { if ( ! is_null($row['postdata'])) { - if ($row['is_array'] == FALSE) + if ($row['is_array'] === FALSE) { if (isset($_POST[$row['field']])) { @@ -424,7 +528,7 @@ class CI_Form_validation { $post_ref =& $_POST; // before we assign values, make a reference to the right POST key - if (count($row['keys']) == 1) + if (count($row['keys']) === 1) { $post_ref =& $post_ref[current($row['keys'])]; } @@ -460,11 +564,10 @@ class CI_Form_validation { /** * Executes the Validation routines * - * @access private * @param array * @param array * @param mixed - * @param integer + * @param int * @return mixed */ protected function _execute($row, $rules, $postdata = NULL, $cycles = 0) @@ -474,24 +577,21 @@ class CI_Form_validation { { foreach ($postdata as $key => $val) { - $this->_execute($row, $rules, $val, $cycles); - $cycles++; + $this->_execute($row, $rules, $val, $key); } return; } - // -------------------------------------------------------------------- - // If the field is blank, but NOT required, no further tests are necessary $callback = FALSE; - if ( ! in_array('required', $rules) AND is_null($postdata)) + if ( ! in_array('required', $rules) && is_null($postdata)) { // Before we bail out, does the rule contain a callback? - if (preg_match("/(callback_\w+(\[.*?\])?)/", implode(' ', $rules), $match)) + if (preg_match('/(callback_\w+(\[.*?\])?)/', implode(' ', $rules), $match)) { $callback = TRUE; - $rules = (array('1' => $match[1])); + $rules = array(1 => $match[1]); } else { @@ -499,26 +599,21 @@ class CI_Form_validation { } } - // -------------------------------------------------------------------- - // Isset Test. Typically this rule will only apply to checkboxes. - if (is_null($postdata) AND $callback == FALSE) + if (is_null($postdata) && $callback === FALSE) { if (in_array('isset', $rules, TRUE) OR in_array('required', $rules)) { // Set the message type - $type = (in_array('required', $rules)) ? 'required' : 'isset'; + $type = in_array('required', $rules) ? 'required' : 'isset'; - if ( ! isset($this->_error_messages[$type])) + if (isset($this->_error_messages[$type])) { - if (FALSE === ($line = $this->CI->lang->line($type))) - { - $line = 'The field was not set'; - } + $line = $this->_error_messages[$type]; } - else + elseif (FALSE === ($line = $this->CI->lang->line($type))) { - $line = $this->_error_messages[$type]; + $line = 'The field was not set'; } // Build the error message @@ -539,13 +634,13 @@ class CI_Form_validation { // -------------------------------------------------------------------- // Cycle through each rule and run it - foreach ($rules As $rule) + foreach ($rules as $rule) { $_in_array = FALSE; // We set the $postdata variable with the current data in our master array so that // each cycle of the loop is dealing with the processed data from the last cycle - if ($row['is_array'] == TRUE AND is_array($this->_field_data[$row['field']]['postdata'])) + if ($row['is_array'] === TRUE && is_array($this->_field_data[$row['field']]['postdata'])) { // We shouldn't need this safety, but just in case there isn't an array index // associated with this cycle we'll bail out @@ -559,14 +654,17 @@ class CI_Form_validation { } else { - $postdata = $this->_field_data[$row['field']]['postdata']; + // If we get an array field, but it's not expected - then it is most likely + // somebody messing with the form on the client side, so we'll just consider + // it an empty field + $postdata = is_array($this->_field_data[$row['field']]['postdata']) + ? NULL + : $this->_field_data[$row['field']]['postdata']; } - // -------------------------------------------------------------------- - // Is the rule a callback? $callback = FALSE; - if (substr($rule, 0, 9) == 'callback_') + if (strpos($rule, 'callback_') === 0) { $rule = substr($rule, 9); $callback = TRUE; @@ -575,7 +673,7 @@ class CI_Form_validation { // Strip the parameter (if exists) from the rule // Rules can contain a parameter: max_length[5] $param = FALSE; - if (preg_match("/(.*?)\[(.*)\]/", $rule, $match)) + if (preg_match('/(.*?)\[(.*)\]/', $rule, $match)) { $rule = $match[1]; $param = $match[2]; @@ -586,68 +684,69 @@ class CI_Form_validation { { if ( ! method_exists($this->CI, $rule)) { - continue; + log_message('debug', 'Unable to find callback validation rule: '.$rule); + $result = FALSE; + } + else + { + // Run the function and grab the result + $result = $this->CI->$rule($postdata, $param); } - - // Run the function and grab the result - $result = $this->CI->$rule($postdata, $param); // Re-assign the result to the master data array - if ($_in_array == TRUE) + if ($_in_array === TRUE) { - $this->_field_data[$row['field']]['postdata'][$cycles] = (is_bool($result)) ? $postdata : $result; + $this->_field_data[$row['field']]['postdata'][$cycles] = is_bool($result) ? $postdata : $result; } else { - $this->_field_data[$row['field']]['postdata'] = (is_bool($result)) ? $postdata : $result; + $this->_field_data[$row['field']]['postdata'] = is_bool($result) ? $postdata : $result; } // If the field isn't required and we just processed a callback we'll move on... - if ( ! in_array('required', $rules, TRUE) AND $result !== FALSE) + if ( ! in_array('required', $rules, TRUE) && $result !== FALSE) { continue; } } - else + elseif ( ! method_exists($this, $rule)) { - if ( ! method_exists($this, $rule)) + // If our own wrapper function doesn't exist we see if a native PHP function does. + // Users can use any native PHP function call that has one param. + if (function_exists($rule)) { - // If our own wrapper function doesn't exist we see if a native PHP function does. - // Users can use any native PHP function call that has one param. - if (function_exists($rule)) - { - $result = $rule($postdata); + $result = ($param !== FALSE) ? $rule($postdata, $param) : $rule($postdata); - if ($_in_array == TRUE) - { - $this->_field_data[$row['field']]['postdata'][$cycles] = (is_bool($result)) ? $postdata : $result; - } - else - { - $this->_field_data[$row['field']]['postdata'] = (is_bool($result)) ? $postdata : $result; - } + if ($_in_array === TRUE) + { + $this->_field_data[$row['field']]['postdata'][$cycles] = is_bool($result) ? $postdata : $result; } else { - log_message('debug', "Unable to find validation rule: ".$rule); + $this->_field_data[$row['field']]['postdata'] = is_bool($result) ? $postdata : $result; } - - continue; } - + else + { + log_message('debug', 'Unable to find validation rule: '.$rule); + $result = FALSE; + } + } + else + { $result = $this->$rule($postdata, $param); - if ($_in_array == TRUE) + if ($_in_array === TRUE) { - $this->_field_data[$row['field']]['postdata'][$cycles] = (is_bool($result)) ? $postdata : $result; + $this->_field_data[$row['field']]['postdata'][$cycles] = is_bool($result) ? $postdata : $result; } else { - $this->_field_data[$row['field']]['postdata'] = (is_bool($result)) ? $postdata : $result; + $this->_field_data[$row['field']]['postdata'] = is_bool($result) ? $postdata : $result; } } - // Did the rule test negatively? If so, grab the error. + // Did the rule test negatively? If so, grab the error. if ($result === FALSE) { if ( ! isset($this->_error_messages[$rule])) @@ -663,8 +762,8 @@ class CI_Form_validation { } // Is the parameter we are inserting into the error message the name - // of another field? If so we need to grab its "field label" - if (isset($this->_field_data[$param]) AND isset($this->_field_data[$param]['label'])) + // of another field? If so we need to grab its "field label" + if (isset($this->_field_data[$param], $this->_field_data[$param]['label'])) { $param = $this->_translate_fieldname($this->_field_data[$param]['label']); } @@ -690,7 +789,6 @@ class CI_Form_validation { /** * Translate a field name * - * @access private * @param string the field name * @return string */ @@ -698,7 +796,7 @@ class CI_Form_validation { { // Do we need to translate the field name? // We look for the prefix lang: to determine this - if (substr($fieldname, 0, 5) == 'lang:') + if (strpos($fieldname, 'lang:') === 0) { // Grab the variable $line = substr($fieldname, 5); @@ -721,20 +819,19 @@ class CI_Form_validation { * Permits you to repopulate a form field with the value it was submitted * with, or, if that value doesn't exist, with the default * - * @access public * @param string the field name * @param string - * @return void + * @return string */ public function set_value($field = '', $default = '') { - if ( ! isset($this->_field_data[$field])) + if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata'])) { return $default; } // If the data is an array output them one at a time. - // E.g: form_input('name[]', set_value('name[]'); + // E.g: form_input('name[]', set_value('name[]'); if (is_array($this->_field_data[$field]['postdata'])) { return array_shift($this->_field_data[$field]['postdata']); @@ -751,24 +848,19 @@ class CI_Form_validation { * Enables pull-down lists to be set to the value the user * selected in the event of an error * - * @access public * @param string * @param string + * @param bool * @return string */ public function set_select($field = '', $value = '', $default = FALSE) { - if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) + if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata'])) { - if ($default === TRUE AND count($this->_field_data) === 0) - { - return ' selected="selected"'; - } - return ''; + return ($default === TRUE && count($this->_field_data) === 0) ? ' selected="selected"' : ''; } $field = $this->_field_data[$field]['postdata']; - if (is_array($field)) { if ( ! in_array($value, $field)) @@ -776,12 +868,9 @@ class CI_Form_validation { return ''; } } - else + elseif (($field === '' OR $value === '') OR ($field !== $value)) { - if (($field == '' OR $value == '') OR ($field != $value)) - { - return ''; - } + return ''; } return ' selected="selected"'; @@ -795,24 +884,19 @@ class CI_Form_validation { * Enables radio buttons to be set to the value the user * selected in the event of an error * - * @access public * @param string * @param string + * @param bool * @return string */ public function set_radio($field = '', $value = '', $default = FALSE) { - if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) + if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata'])) { - if ($default === TRUE AND count($this->_field_data) === 0) - { - return ' checked="checked"'; - } - return ''; + return ($default === TRUE && count($this->_field_data) === 0) ? ' checked="checked"' : ''; } $field = $this->_field_data[$field]['postdata']; - if (is_array($field)) { if ( ! in_array($value, $field)) @@ -820,12 +904,9 @@ class CI_Form_validation { return ''; } } - else + elseif (($field === '' OR $value === '') OR ($field !== $value)) { - if (($field == '' OR $value == '') OR ($field != $value)) - { - return ''; - } + return ''; } return ' checked="checked"'; @@ -839,40 +920,15 @@ class CI_Form_validation { * Enables checkboxes to be set to the value the user * selected in the event of an error * - * @access public * @param string * @param string + * @param bool * @return string */ public function set_checkbox($field = '', $value = '', $default = FALSE) { - if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) - { - if ($default === TRUE AND count($this->_field_data) === 0) - { - return ' checked="checked"'; - } - return ''; - } - - $field = $this->_field_data[$field]['postdata']; - - if (is_array($field)) - { - if ( ! in_array($value, $field)) - { - return ''; - } - } - else - { - if (($field == '' OR $value == '') OR ($field != $value)) - { - return ''; - } - } - - return ' checked="checked"'; + // Logic is exactly the same as for radio fields + return $this->set_radio($field, $value, $default); } // -------------------------------------------------------------------- @@ -880,20 +936,12 @@ class CI_Form_validation { /** * Required * - * @access public * @param string * @return bool */ public function required($str) { - if ( ! is_array($str)) - { - return (trim($str) == '') ? FALSE : TRUE; - } - else - { - return ( ! empty($str)); - } + return is_array($str) ? (bool) count($str) : (trim($str) !== ''); } // -------------------------------------------------------------------- @@ -901,19 +949,13 @@ class CI_Form_validation { /** * Performs a Regular Expression match test. * - * @access public * @param string - * @param regex + * @param string regex * @return bool */ public function regex_match($str, $regex) { - if ( ! preg_match($regex, $str)) - { - return FALSE; - } - - return TRUE; + return (bool) preg_match($regex, $str); } // -------------------------------------------------------------------- @@ -921,64 +963,63 @@ class CI_Form_validation { /** * Match one field to another * - * @access public * @param string - * @param field + * @param string field * @return bool */ public function matches($str, $field) { - if ( ! isset($_POST[$field])) - { - return FALSE; - } + $validation_array = empty($this->validation_data) ? $_POST : $this->validation_data; - $field = $_POST[$field]; - - return ($str !== $field) ? FALSE : TRUE; + return isset($validation_array[$field]) ? ($str === $validation_array[$field]) : FALSE; } - + // -------------------------------------------------------------------- /** - * Match one field to another + * Is Unique + * + * Check if the input value doesn't already exist + * in the specified database field. * - * @access public * @param string - * @param field + * @param string field * @return bool */ public function is_unique($str, $field) { - list($table, $field)=explode('.', $field); - $query = $this->CI->db->limit(1)->get_where($table, array($field => $str)); - - return $query->num_rows() === 0; - } + list($table, $field) = explode('.', $field); + if (isset($this->CI->db)) + { + $query = $this->CI->db->limit(1)->get_where($table, array($field => $str)); + return $query->num_rows() === 0; + } + return FALSE; + } // -------------------------------------------------------------------- /** * Minimum Length * - * @access public * @param string - * @param value + * @param string * @return bool */ public function min_length($str, $val) { - if (preg_match("/[^0-9]/", $val)) + if ( ! is_numeric($val)) { return FALSE; } - - if (function_exists('mb_strlen')) + else { - return (mb_strlen($str) < $val) ? FALSE : TRUE; + $val = (int) $val; } - return (strlen($str) < $val) ? FALSE : TRUE; + return (MB_ENABLED === TRUE) + ? ($val <= mb_strlen($str)) + : ($val <= strlen($str)); } // -------------------------------------------------------------------- @@ -986,24 +1027,24 @@ class CI_Form_validation { /** * Max Length * - * @access public * @param string - * @param value + * @param string * @return bool */ public function max_length($str, $val) { - if (preg_match("/[^0-9]/", $val)) + if ( ! is_numeric($val)) { return FALSE; } - - if (function_exists('mb_strlen')) + else { - return (mb_strlen($str) > $val) ? FALSE : TRUE; + $val = (int) $val; } - return (strlen($str) > $val) ? FALSE : TRUE; + return (MB_ENABLED === TRUE) + ? ($val >= mb_strlen($str)) + : ($val >= strlen($str)); } // -------------------------------------------------------------------- @@ -1011,24 +1052,24 @@ class CI_Form_validation { /** * Exact Length * - * @access public * @param string - * @param value + * @param string * @return bool */ public function exact_length($str, $val) { - if (preg_match("/[^0-9]/", $val)) + if ( ! is_numeric($val)) { return FALSE; } - - if (function_exists('mb_strlen')) + else { - return (mb_strlen($str) != $val) ? FALSE : TRUE; + $val = (int) $val; } - return (strlen($str) != $val) ? FALSE : TRUE; + return (MB_ENABLED === TRUE) + ? (mb_strlen($str) === $val) + : (strlen($str) === $val); } // -------------------------------------------------------------------- @@ -1036,13 +1077,12 @@ class CI_Form_validation { /** * Valid Email * - * @access public * @param string * @return bool */ public function valid_email($str) { - return ( ! preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE; + return (bool) filter_var($str, FILTER_VALIDATE_EMAIL); } // -------------------------------------------------------------------- @@ -1050,7 +1090,6 @@ class CI_Form_validation { /** * Valid Emails * - * @access public * @param string * @return bool */ @@ -1063,7 +1102,7 @@ class CI_Form_validation { foreach (explode(',', $str) as $email) { - if (trim($email) != '' && $this->valid_email(trim($email)) === FALSE) + if (trim($email) !== '' && $this->valid_email(trim($email)) === FALSE) { return FALSE; } @@ -1077,13 +1116,13 @@ class CI_Form_validation { /** * Validate IP Address * - * @access public * @param string - * @return string + * @param string 'ipv4' or 'ipv6' to validate a specific IP format + * @return bool */ - public function valid_ip($ip) + public function valid_ip($ip, $which = '') { - return $this->CI->input->valid_ip($ip); + return $this->CI->input->valid_ip($ip, $which); } // -------------------------------------------------------------------- @@ -1091,13 +1130,12 @@ class CI_Form_validation { /** * Alpha * - * @access public * @param string * @return bool */ public function alpha($str) { - return ( ! preg_match("/^([a-z])+$/i", $str)) ? FALSE : TRUE; + return ctype_alpha($str); } // -------------------------------------------------------------------- @@ -1105,13 +1143,12 @@ class CI_Form_validation { /** * Alpha-numeric * - * @access public * @param string * @return bool */ public function alpha_numeric($str) { - return ( ! preg_match("/^([a-z0-9])+$/i", $str)) ? FALSE : TRUE; + return ctype_alnum((string) $str); } // -------------------------------------------------------------------- @@ -1119,13 +1156,12 @@ class CI_Form_validation { /** * Alpha-numeric with underscores and dashes * - * @access public * @param string * @return bool */ public function alpha_dash($str) { - return ( ! preg_match("/^([-a-z0-9_-])+$/i", $str)) ? FALSE : TRUE; + return (bool) preg_match('/^[a-z0-9_-]+$/i', $str); } // -------------------------------------------------------------------- @@ -1133,74 +1169,67 @@ class CI_Form_validation { /** * Numeric * - * @access public * @param string * @return bool */ public function numeric($str) { - return (bool)preg_match( '/^[\-+]?[0-9]*\.?[0-9]+$/', $str); + return (bool) preg_match('/^[\-+]?[0-9]*\.?[0-9]+$/', $str); } // -------------------------------------------------------------------- /** - * Is Numeric + * Integer * - * @access public * @param string * @return bool */ - public function is_numeric($str) + public function integer($str) { - return ( ! is_numeric($str)) ? FALSE : TRUE; + return (bool) preg_match('/^[\-+]?[0-9]+$/', $str); } // -------------------------------------------------------------------- /** - * Integer + * Decimal number * - * @access public * @param string * @return bool */ - public function integer($str) + public function decimal($str) { - return (bool) preg_match('/^[\-+]?[0-9]+$/', $str); + return (bool) preg_match('/^[\-+]?[0-9]+\.[0-9]+$/', $str); } // -------------------------------------------------------------------- /** - * Decimal number + * Greater than * - * @access public * @param string + * @param int * @return bool */ - public function decimal($str) + public function greater_than($str, $min) { - return (bool) preg_match('/^[\-+]?[0-9]+\.[0-9]+$/', $str); + return is_numeric($str) ? ($str > $min) : FALSE; } // -------------------------------------------------------------------- /** - * Greather than + * Equal to or Greater than * - * @access public * @param string + * @param int * @return bool */ - public function greater_than($str, $min) + public function greater_than_equal_to($str, $min) { - if ( ! is_numeric($str)) - { - return FALSE; - } - return $str > $min; + return is_numeric($str) ? ($str >= $min) : FALSE; } // -------------------------------------------------------------------- @@ -1208,17 +1237,27 @@ class CI_Form_validation { /** * Less than * - * @access public * @param string + * @param int * @return bool */ public function less_than($str, $max) { - if ( ! is_numeric($str)) - { - return FALSE; - } - return $str < $max; + return is_numeric($str) ? ($str < $max) : FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Equal to or Less than + * + * @param string + * @param int + * @return bool + */ + public function less_than_equal_to($str, $max) + { + return is_numeric($str) ? ($str <= $max) : FALSE; } // -------------------------------------------------------------------- @@ -1226,13 +1265,12 @@ class CI_Form_validation { /** * Is a Natural number (0,1,2,3, etc.) * - * @access public * @param string * @return bool */ public function is_natural($str) { - return (bool) preg_match( '/^[0-9]+$/', $str); + return ctype_digit((string) $str); } // -------------------------------------------------------------------- @@ -1240,23 +1278,12 @@ class CI_Form_validation { /** * Is a Natural number, but not a zero (1,2,3, etc.) * - * @access public * @param string * @return bool */ public function is_natural_no_zero($str) { - if ( ! preg_match( '/^[0-9]+$/', $str)) - { - return FALSE; - } - - if ($str == 0) - { - return FALSE; - } - - return TRUE; + return ($str != 0 && ctype_digit((string) $str)); } // -------------------------------------------------------------------- @@ -1267,13 +1294,12 @@ class CI_Form_validation { * Tests a string for characters outside of the Base64 alphabet * as defined by RFC 2045 http://www.faqs.org/rfcs/rfc2045 * - * @access public * @param string * @return bool */ public function valid_base64($str) { - return (bool) ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str); + return ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str); } // -------------------------------------------------------------------- @@ -1284,7 +1310,6 @@ class CI_Form_validation { * This function allows HTML to be safely shown in a form. * Special characters are converted. * - * @access public * @param string * @return string */ @@ -1300,12 +1325,12 @@ class CI_Form_validation { return $data; } - if ($this->_safe_form_data == FALSE OR $data === '') + if ($this->_safe_form_data === FALSE OR $data === '') { return $data; } - return str_replace(array("'", '"', '<', '>'), array("'", """, '<', '>'), stripslashes($data)); + return str_replace(array("'", '"', '<', '>'), array(''', '"', '<', '>'), stripslashes($data)); } // -------------------------------------------------------------------- @@ -1313,20 +1338,19 @@ class CI_Form_validation { /** * Prep URL * - * @access public * @param string * @return string */ public function prep_url($str = '') { - if ($str == 'http://' OR $str == '') + if ($str === 'http://' OR $str === '') { return ''; } - if (substr($str, 0, 7) != 'http://' && substr($str, 0, 8) != 'https://') + if (strpos($str, 'http://') !== 0 && strpos($str, 'https://') !== 0) { - $str = 'http://'.$str; + return 'http://'.$str; } return $str; @@ -1337,13 +1361,12 @@ class CI_Form_validation { /** * Strip Image Tags * - * @access public * @param string * @return string */ public function strip_image_tags($str) { - return $this->CI->input->strip_image_tags($str); + return $this->CI->security->strip_image_tags($str); } // -------------------------------------------------------------------- @@ -1351,7 +1374,6 @@ class CI_Form_validation { /** * XSS Clean * - * @access public * @param string * @return string */ @@ -1365,17 +1387,34 @@ class CI_Form_validation { /** * Convert PHP tags to entities * - * @access public * @param string * @return string */ public function encode_php_tags($str) { - return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str); + return str_replace(array('<?', '?>'), array('<?', '?>'), $str); + } + + // -------------------------------------------------------------------- + + /** + * Reset validation vars + * + * Prevents subsequent validation routines from being affected by the + * results of any previous validation routine due to the CI singleton. + * + * @return void + */ + public function reset_validation() + { + $this->_field_data = array(); + $this->_config_rules = array(); + $this->_error_array = array(); + $this->_error_messages = array(); + $this->error_string = ''; } } -// END Form Validation Class /* End of file Form_validation.php */ -/* Location: ./system/libraries/Form_validation.php */ +/* Location: ./system/libraries/Form_validation.php */
\ No newline at end of file |