diff options
Diffstat (limited to 'system/libraries/Form_validation.php')
| -rwxr-xr-x[-rw-r--r--] | system/libraries/Form_validation.php | 493 |
1 files changed, 265 insertions, 228 deletions
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 640bf9180..fc5b82ee3 100644..100755 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -2,11 +2,11 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 @@ -25,29 +25,28 @@ * @link http://codeigniter.com/user_guide/libraries/form_validation.html */ class CI_Form_validation { - + var $CI; - var $_field_data = array(); + var $_field_data = array(); var $_config_rules = array(); var $_error_array = array(); - var $_error_messages = array(); + var $_error_messages = array(); var $_error_prefix = '<p>'; var $_error_suffix = '</p>'; var $error_string = ''; - var $_safe_form_data = FALSE; + var $_safe_form_data = FALSE; /** * Constructor - * - */ - function CI_Form_validation($rules = array()) - { + */ + public function __construct($rules = array()) + { $this->CI =& get_instance(); - + // Validation rules can be stored in a config file. $this->_config_rules = $rules; - + // Automatically load the form helper $this->CI->load->helper('form'); @@ -56,12 +55,12 @@ class CI_Form_validation { { mb_internal_encoding($this->CI->config->item('charset')); } - + log_message('debug', "Form Validation Class Initialized"); } - + // -------------------------------------------------------------------- - + /** * Set Rules * @@ -78,9 +77,9 @@ class CI_Form_validation { // No reason to set rules if we have no POST data if (count($_POST) == 0) { - return; + return $this; } - + // If an array was passed via the first parameter instead of indidual string // values we cycle through it and recursively call this function. if (is_array($field)) @@ -99,13 +98,13 @@ class CI_Form_validation { // Here we go! $this->set_rules($row['field'], $label, $row['rules']); } - return; + return $this; } - + // No fields? Nothing to do... if ( ! is_string($field) OR ! is_string($rules) OR $field == '') { - return; + return $this; } // If the field label wasn't passed we use the field name @@ -113,9 +112,9 @@ class CI_Form_validation { // Is the field name an array? We test for the existence of a bracket "[" in // the field name to determine this. If it is an array, we break it apart - // into its components so that we can fetch the corresponding POST data later + // into its components so that we can fetch the corresponding POST data later if (strpos($field, '[') !== FALSE AND preg_match_all('/\[(.*?)\]/', $field, $matches)) - { + { // Note: Due to a bug in current() that affects some versions // of PHP we can not pass function call directly into it $x = explode('[', $field); @@ -128,29 +127,31 @@ class CI_Form_validation { $indexes[] = $matches['1'][$i]; } } - + $is_array = TRUE; } else { - $indexes = array(); - $is_array = FALSE; + $indexes = array(); + $is_array = FALSE; } - - // Build our master array + + // Build our master array $this->_field_data[$field] = array( - 'field' => $field, - 'label' => $label, + 'field' => $field, + 'label' => $label, 'rules' => $rules, 'is_array' => $is_array, 'keys' => $indexes, 'postdata' => NULL, 'error' => '' ); + + return $this; } // -------------------------------------------------------------------- - + /** * Set Error Message * @@ -168,12 +169,14 @@ class CI_Form_validation { { $lang = array($lang => $val); } - + $this->_error_messages = array_merge($this->_error_messages, $lang); + + return $this; } - + // -------------------------------------------------------------------- - + /** * Set The Error Delimiter * @@ -183,15 +186,17 @@ class CI_Form_validation { * @param string * @param string * @return void - */ + */ function set_error_delimiters($prefix = '<p>', $suffix = '</p>') { $this->_error_prefix = $prefix; $this->_error_suffix = $suffix; + + return $this; } // -------------------------------------------------------------------- - + /** * Get Error Message * @@ -200,14 +205,14 @@ class CI_Form_validation { * @access public * @param string the field name * @return void - */ + */ function error($field = '', $prefix = '', $suffix = '') - { + { if ( ! isset($this->_field_data[$field]['error']) OR $this->_field_data[$field]['error'] == '') { return ''; } - + if ($prefix == '') { $prefix = $this->_error_prefix; @@ -222,7 +227,7 @@ class CI_Form_validation { } // -------------------------------------------------------------------- - + /** * Error String * @@ -232,7 +237,7 @@ class CI_Form_validation { * @param string * @param string * @return str - */ + */ function error_string($prefix = '', $suffix = '') { // No errrors, validation passes! @@ -240,7 +245,7 @@ class CI_Form_validation { { return ''; } - + if ($prefix == '') { $prefix = $this->_error_prefix; @@ -250,7 +255,7 @@ class CI_Form_validation { { $suffix = $this->_error_suffix; } - + // Generate the error string $str = ''; foreach ($this->_error_array as $val) @@ -260,12 +265,12 @@ class CI_Form_validation { $str .= $prefix.$val.$suffix."\n"; } } - + return $str; } // -------------------------------------------------------------------- - + /** * Run the Validator * @@ -273,7 +278,7 @@ class CI_Form_validation { * * @access public * @return bool - */ + */ function run($group = '') { // Do we even have any data to process? Mm? @@ -281,7 +286,7 @@ class CI_Form_validation { { return FALSE; } - + // Does the _field_data array containing the validation rules exist? // If not, we look to see if they were assigned via a config file if (count($this->_field_data) == 0) @@ -291,10 +296,10 @@ class CI_Form_validation { { return FALSE; } - + // Is there a validation rule for the particular URI being accessed? $uri = ($group == '') ? trim($this->CI->uri->ruri_string(), '/') : $group; - + if ($uri != '' AND isset($this->_config_rules[$uri])) { $this->set_rules($this->_config_rules[$uri]); @@ -303,7 +308,7 @@ class CI_Form_validation { { $this->set_rules($this->_config_rules); } - + // We're we able to set the rules correctly? if (count($this->_field_data) == 0) { @@ -311,17 +316,17 @@ class CI_Form_validation { return FALSE; } } - + // Load the language file containing error messages $this->CI->lang->load('form_validation'); - - // Cycle through the rules for each field, match the + + // Cycle through the rules for each field, match the // corresponding $_POST item and test for errors foreach ($this->_field_data as $field => $row) - { + { // Fetch the data from the corresponding $_POST array and cache it in the _field_data array. // Depending on whether the field name is an array or a string will determine where we get it from. - + if ($row['is_array'] == TRUE) { $this->_field_data[$field]['postdata'] = $this->_reduce_array($_POST, $row['keys']); @@ -333,8 +338,8 @@ class CI_Form_validation { $this->_field_data[$field]['postdata'] = $_POST[$field]; } } - - $this->_execute($row, explode('|', $row['rules']), $this->_field_data[$field]['postdata']); + + $this->_execute($row, explode('|', $row['rules']), $this->_field_data[$field]['postdata']); } // Did we end up with any errors? @@ -347,7 +352,7 @@ class CI_Form_validation { // Now we need to re-set the POST data with the new, processed data $this->_reset_post_array(); - + // No errors, validation passes! if ($total_errors == 0) { @@ -359,7 +364,7 @@ class CI_Form_validation { } // -------------------------------------------------------------------- - + /** * Traverse a multidimensional $_POST array index until the data is found * @@ -368,7 +373,7 @@ class CI_Form_validation { * @param array * @param integer * @return mixed - */ + */ function _reduce_array($array, $keys, $i = 0) { if (is_array($array)) @@ -389,18 +394,18 @@ class CI_Form_validation { return $array; } } - + return $array; } // -------------------------------------------------------------------- - + /** * Re-populate the _POST array with our finalized and processed data * * @access private * @return null - */ + */ function _reset_post_array() { foreach ($this->_field_data as $field => $row) @@ -418,7 +423,7 @@ class CI_Form_validation { { // start with a reference $post_ref =& $_POST; - + // before we assign values, make a reference to the right POST key if (count($row['keys']) == 1) { @@ -452,7 +457,7 @@ class CI_Form_validation { } // -------------------------------------------------------------------- - + /** * Executes the Validation routines * @@ -462,21 +467,21 @@ class CI_Form_validation { * @param mixed * @param integer * @return mixed - */ + */ function _execute($row, $rules, $postdata = NULL, $cycles = 0) { // If the $_POST data is an array we will run a recursive call if (is_array($postdata)) - { + { foreach ($postdata as $key => $val) { $this->_execute($row, $rules, $val, $cycles); $cycles++; } - + return; } - + // -------------------------------------------------------------------- // If the field is blank, but NOT required, no further tests are necessary @@ -496,7 +501,7 @@ class CI_Form_validation { } // -------------------------------------------------------------------- - + // Isset Test. Typically this rule will only apply to checkboxes. if (is_null($postdata) AND $callback == FALSE) { @@ -504,31 +509,31 @@ class CI_Form_validation { { // Set the message type $type = (in_array('required', $rules)) ? 'required' : 'isset'; - + if ( ! isset($this->_error_messages[$type])) { if (FALSE === ($line = $this->CI->lang->line($type))) { $line = 'The field was not set'; - } + } } else { $line = $this->_error_messages[$type]; } - + // Build the error message $message = sprintf($line, $this->_translate_fieldname($row['label'])); // Save the error message $this->_field_data[$row['field']]['error'] = $message; - + if ( ! isset($this->_error_array[$row['field']])) { $this->_error_array[$row['field']] = $message; } } - + return; } @@ -538,7 +543,7 @@ class CI_Form_validation { foreach ($rules As $rule) { $_in_array = FALSE; - + // We set the $postdata variable with the current data in our master array so that // each cycle of the loop is dealing with the processed data from the last cycle if ($row['is_array'] == TRUE AND is_array($this->_field_data[$row['field']]['postdata'])) @@ -549,7 +554,7 @@ class CI_Form_validation { { continue; } - + $postdata = $this->_field_data[$row['field']]['postdata'][$cycles]; $_in_array = TRUE; } @@ -559,32 +564,32 @@ class CI_Form_validation { } // -------------------------------------------------------------------- - - // Is the rule a callback? + + // Is the rule a callback? $callback = FALSE; if (substr($rule, 0, 9) == 'callback_') { $rule = substr($rule, 9); $callback = TRUE; } - + // Strip the parameter (if exists) from the rule // Rules can contain a parameter: max_length[5] $param = FALSE; - if (preg_match("/(.*?)\[(.*?)\]/", $rule, $match)) + if (preg_match("/(.*?)\[(.*)\]/", $rule, $match)) { $rule = $match[1]; $param = $match[2]; } - + // Call the function that corresponds to the rule if ($callback === TRUE) { if ( ! method_exists($this->CI, $rule)) - { + { continue; } - + // Run the function and grab the result $result = $this->CI->$rule($postdata, $param); @@ -597,7 +602,7 @@ class CI_Form_validation { { $this->_field_data[$row['field']]['postdata'] = (is_bool($result)) ? $postdata : $result; } - + // If the field isn't required and we just processed a callback we'll move on... if ( ! in_array('required', $rules, TRUE) AND $result !== FALSE) { @@ -605,15 +610,15 @@ class CI_Form_validation { } } else - { + { if ( ! method_exists($this, $rule)) { - // If our own wrapper function doesn't exist we see if a native PHP function does. + // If our own wrapper function doesn't exist we see if a native PHP function does. // Users can use any native PHP function call that has one param. if (function_exists($rule)) { $result = $rule($postdata); - + if ($_in_array == TRUE) { $this->_field_data[$row['field']]['postdata'][$cycles] = (is_bool($result)) ? $postdata : $result; @@ -623,7 +628,7 @@ class CI_Form_validation { $this->_field_data[$row['field']]['postdata'] = (is_bool($result)) ? $postdata : $result; } } - + continue; } @@ -638,54 +643,54 @@ class CI_Form_validation { $this->_field_data[$row['field']]['postdata'] = (is_bool($result)) ? $postdata : $result; } } - + // Did the rule test negatively? If so, grab the error. if ($result === FALSE) - { + { if ( ! isset($this->_error_messages[$rule])) { if (FALSE === ($line = $this->CI->lang->line($rule))) { $line = 'Unable to access an error message corresponding to your field name.'; - } + } } else { $line = $this->_error_messages[$rule]; } - + // Is the parameter we are inserting into the error message the name // of another field? If so we need to grab its "field label" if (isset($this->_field_data[$param]) AND isset($this->_field_data[$param]['label'])) { - $param = $this->_field_data[$param]['label']; + $param = $this->_translate_fieldname($this->_field_data[$param]['label']); } - + // Build the error message $message = sprintf($line, $this->_translate_fieldname($row['label']), $param); // Save the error message $this->_field_data[$row['field']]['error'] = $message; - + if ( ! isset($this->_error_array[$row['field']])) { $this->_error_array[$row['field']] = $message; } - + return; } } } // -------------------------------------------------------------------- - + /** * Translate a field name * * @access private * @param string the field name * @return string - */ + */ function _translate_fieldname($fieldname) { // Do we need to translate the field name? @@ -693,8 +698,8 @@ class CI_Form_validation { if (substr($fieldname, 0, 5) == 'lang:') { // Grab the variable - $line = substr($fieldname, 5); - + $line = substr($fieldname, 5); + // Were we able to translate the field name? If not we use $line if (FALSE === ($fieldname = $this->CI->lang->line($line))) { @@ -706,7 +711,7 @@ class CI_Form_validation { } // -------------------------------------------------------------------- - + /** * Get the value from a form * @@ -717,19 +722,26 @@ class CI_Form_validation { * @param string the field name * @param string * @return void - */ + */ function set_value($field = '', $default = '') { if ( ! isset($this->_field_data[$field])) { return $default; } - + + // If the data is an array output them one at a time. + // E.g: form_input('name[]', set_value('name[]'); + if (is_array($this->_field_data[$field]['postdata'])) + { + return array_shift($this->_field_data[$field]['postdata']); + } + return $this->_field_data[$field]['postdata']; } - + // -------------------------------------------------------------------- - + /** * Set Select * @@ -740,9 +752,9 @@ class CI_Form_validation { * @param string * @param string * @return string - */ + */ function set_select($field = '', $value = '', $default = FALSE) - { + { if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) { if ($default === TRUE AND count($this->_field_data) === 0) @@ -751,9 +763,9 @@ class CI_Form_validation { } return ''; } - + $field = $this->_field_data[$field]['postdata']; - + if (is_array($field)) { if ( ! in_array($value, $field)) @@ -768,12 +780,12 @@ class CI_Form_validation { return ''; } } - + return ' selected="selected"'; } - + // -------------------------------------------------------------------- - + /** * Set Radio * @@ -784,7 +796,7 @@ class CI_Form_validation { * @param string * @param string * @return string - */ + */ function set_radio($field = '', $value = '', $default = FALSE) { if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) @@ -795,9 +807,9 @@ class CI_Form_validation { } return ''; } - + $field = $this->_field_data[$field]['postdata']; - + if (is_array($field)) { if ( ! in_array($value, $field)) @@ -812,12 +824,12 @@ class CI_Form_validation { return ''; } } - + return ' checked="checked"'; } - + // -------------------------------------------------------------------- - + /** * Set Checkbox * @@ -828,7 +840,7 @@ class CI_Form_validation { * @param string * @param string * @return string - */ + */ function set_checkbox($field = '', $value = '', $default = FALSE) { if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) @@ -839,9 +851,9 @@ class CI_Form_validation { } return ''; } - + $field = $this->_field_data[$field]['postdata']; - + if (is_array($field)) { if ( ! in_array($value, $field)) @@ -856,12 +868,12 @@ class CI_Form_validation { return ''; } } - + return ' checked="checked"'; } - + // -------------------------------------------------------------------- - + /** * Required * @@ -880,9 +892,29 @@ class CI_Form_validation { return ( ! empty($str)); } } - + + // -------------------------------------------------------------------- + + /** + * Performs a Regular Expression match test. + * + * @access public + * @param string + * @param regex + * @return bool + */ + function regex_match($str, $regex) + { + if ( ! preg_match($regex, $str)) + { + return FALSE; + } + + return TRUE; + } + // -------------------------------------------------------------------- - + /** * Match one field to another * @@ -895,16 +927,16 @@ class CI_Form_validation { { if ( ! isset($_POST[$field])) { - return FALSE; + return FALSE; } - + $field = $_POST[$field]; return ($str !== $field) ? FALSE : TRUE; } - + // -------------------------------------------------------------------- - + /** * Minimum Length * @@ -912,7 +944,7 @@ class CI_Form_validation { * @param string * @param value * @return bool - */ + */ function min_length($str, $val) { if (preg_match("/[^0-9]/", $val)) @@ -922,14 +954,14 @@ class CI_Form_validation { if (function_exists('mb_strlen')) { - return (mb_strlen($str) < $val) ? FALSE : TRUE; + return (mb_strlen($str) < $val) ? FALSE : TRUE; } - + return (strlen($str) < $val) ? FALSE : TRUE; } - + // -------------------------------------------------------------------- - + /** * Max Length * @@ -937,7 +969,7 @@ class CI_Form_validation { * @param string * @param value * @return bool - */ + */ function max_length($str, $val) { if (preg_match("/[^0-9]/", $val)) @@ -947,14 +979,14 @@ class CI_Form_validation { if (function_exists('mb_strlen')) { - return (mb_strlen($str) > $val) ? FALSE : TRUE; + return (mb_strlen($str) > $val) ? FALSE : TRUE; } - + return (strlen($str) > $val) ? FALSE : TRUE; } - + // -------------------------------------------------------------------- - + /** * Exact Length * @@ -962,7 +994,7 @@ class CI_Form_validation { * @param string * @param value * @return bool - */ + */ function exact_length($str, $val) { if (preg_match("/[^0-9]/", $val)) @@ -972,42 +1004,42 @@ class CI_Form_validation { if (function_exists('mb_strlen')) { - return (mb_strlen($str) != $val) ? FALSE : TRUE; + return (mb_strlen($str) != $val) ? FALSE : TRUE; } - + return (strlen($str) != $val) ? FALSE : TRUE; } - + // -------------------------------------------------------------------- - + /** * Valid Email * * @access public * @param string * @return bool - */ + */ function valid_email($str) { return ( ! preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE; } // -------------------------------------------------------------------- - + /** * Valid Emails * * @access public * @param string * @return bool - */ + */ function valid_emails($str) { if (strpos($str, ',') === FALSE) { return $this->valid_email(trim($str)); } - + foreach(explode(',', $str) as $email) { if (trim($email) != '' && $this->valid_email(trim($email)) === FALSE) @@ -1015,12 +1047,12 @@ class CI_Form_validation { return FALSE; } } - + return TRUE; } // -------------------------------------------------------------------- - + /** * Validate IP Address * @@ -1034,56 +1066,56 @@ class CI_Form_validation { } // -------------------------------------------------------------------- - + /** * Alpha * * @access public * @param string * @return bool - */ + */ function alpha($str) { return ( ! preg_match("/^([a-z])+$/i", $str)) ? FALSE : TRUE; } - + // -------------------------------------------------------------------- - + /** * Alpha-numeric * * @access public * @param string * @return bool - */ + */ function alpha_numeric($str) { return ( ! preg_match("/^([a-z0-9])+$/i", $str)) ? FALSE : TRUE; } - + // -------------------------------------------------------------------- - + /** * Alpha-numeric with underscores and dashes * * @access public * @param string * @return bool - */ + */ function alpha_dash($str) { return ( ! preg_match("/^([-a-z0-9_-])+$/i", $str)) ? FALSE : TRUE; } - + // -------------------------------------------------------------------- - + /** * Numeric * * @access public * @param string * @return bool - */ + */ function numeric($str) { return (bool)preg_match( '/^[\-+]?[0-9]*\.?[0-9]+$/', $str); @@ -1092,72 +1124,72 @@ class CI_Form_validation { // -------------------------------------------------------------------- - /** - * Is Numeric - * - * @access public - * @param string - * @return bool - */ - function is_numeric($str) - { - return ( ! is_numeric($str)) ? FALSE : TRUE; - } + /** + * Is Numeric + * + * @access public + * @param string + * @return bool + */ + function is_numeric($str) + { + return ( ! is_numeric($str)) ? FALSE : TRUE; + } // -------------------------------------------------------------------- - + /** * Integer * * @access public * @param string * @return bool - */ + */ function integer($str) { return (bool)preg_match( '/^[\-+]?[0-9]+$/', $str); } - + // -------------------------------------------------------------------- - /** - * Is a Natural number (0,1,2,3, etc.) - * - * @access public - * @param string - * @return bool - */ - function is_natural($str) - { - return (bool)preg_match( '/^[0-9]+$/', $str); - } + /** + * Is a Natural number (0,1,2,3, etc.) + * + * @access public + * @param string + * @return bool + */ + function is_natural($str) + { + return (bool)preg_match( '/^[0-9]+$/', $str); + } // -------------------------------------------------------------------- - /** - * Is a Natural number, but not a zero (1,2,3, etc.) - * - * @access public - * @param string - * @return bool - */ + /** + * Is a Natural number, but not a zero (1,2,3, etc.) + * + * @access public + * @param string + * @return bool + */ function is_natural_no_zero($str) - { - if ( ! preg_match( '/^[0-9]+$/', $str)) - { - return FALSE; - } - - if ($str == 0) - { - return FALSE; - } - - return TRUE; - } - + { + if ( ! preg_match( '/^[0-9]+$/', $str)) + { + return FALSE; + } + + if ($str == 0) + { + return FALSE; + } + + return TRUE; + } + // -------------------------------------------------------------------- - + /** * Valid Base64 * @@ -1172,9 +1204,9 @@ class CI_Form_validation { { return (bool) ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str); } - + // -------------------------------------------------------------------- - + /** * Prep data for form * @@ -1193,10 +1225,10 @@ class CI_Form_validation { { $data[$key] = $this->prep_for_form($val); } - + return $data; } - + if ($this->_safe_form_data == FALSE OR $data === '') { return $data; @@ -1204,68 +1236,73 @@ class CI_Form_validation { return str_replace(array("'", '"', '<', '>'), array("'", """, '<', '>'), stripslashes($data)); } - + // -------------------------------------------------------------------- - + /** * Prep URL * * @access public * @param string * @return string - */ + */ function prep_url($str = '') { if ($str == 'http://' OR $str == '') { return ''; } - + if (substr($str, 0, 7) != 'http://' && substr($str, 0, 8) != 'https://') { $str = 'http://'.$str; } - + return $str; } - + // -------------------------------------------------------------------- - + /** * Strip Image Tags * * @access public * @param string * @return string - */ + */ function strip_image_tags($str) { return $this->CI->input->strip_image_tags($str); } - + // -------------------------------------------------------------------- - + /** * XSS Clean * * @access public * @param string * @return string - */ + */ function xss_clean($str) { - return $this->CI->input->xss_clean($str); + if ( ! isset($this->CI->security)) + { + $this->CI->load->library('security'); + } + + return $this->CI->security->xss_clean($str); } - + // -------------------------------------------------------------------- - + /** * Convert PHP tags to entities * * @access public * @param string * @return string - */ + */ function encode_php_tags($str) { return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str); |