From eccde13b8ae8be69645cf1abedcdbdc3c278b615 Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Thu, 14 Jun 2012 23:22:26 +0200 Subject: exact length passed as string needs to be casted to int --- system/libraries/Form_validation.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 6cbe032c7..069751b45 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1035,7 +1035,7 @@ class CI_Form_validation { * Exact Length * * @param string - * @param int + * @param string * @return bool */ public function exact_length($str, $val) @@ -1045,6 +1045,8 @@ class CI_Form_validation { return FALSE; } + $val = (int) $val; + return (MB_ENABLED === TRUE) ? (mb_strlen($str) === $val) : (strlen($str) === $val); -- cgit v1.2.3-24-g4f1b From a8221ade975111eb55da06b553789ad541bf2bff Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Thu, 14 Jun 2012 23:26:34 +0200 Subject: fix --- system/libraries/Form_validation.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 069751b45..37eb7a9cd 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -993,7 +993,7 @@ class CI_Form_validation { * Minimum Length * * @param string - * @param int + * @param string * @return bool */ public function min_length($str, $val) @@ -1014,7 +1014,7 @@ class CI_Form_validation { * Max Length * * @param string - * @param int + * @param string * @return bool */ public function max_length($str, $val) @@ -1045,11 +1045,9 @@ class CI_Form_validation { return FALSE; } - $val = (int) $val; - return (MB_ENABLED === TRUE) - ? (mb_strlen($str) === $val) - : (strlen($str) === $val); + ? (mb_strlen($str) === intval($val)) + : (strlen($str) === intval($val)); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 64cfef0fb8cf6254cb08a0c2e3aef04cd5721942 Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Thu, 14 Jun 2012 23:30:44 +0200 Subject: fixed other functions --- system/libraries/Form_validation.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 37eb7a9cd..621316c4a 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1004,8 +1004,8 @@ class CI_Form_validation { } return (MB_ENABLED === TRUE) - ? ($val <= mb_strlen($str)) - : ($val <= strlen($str)); + ? (intval($val) <= mb_strlen($str)) + : (intval($val) <= strlen($str)); } // -------------------------------------------------------------------- @@ -1025,8 +1025,8 @@ class CI_Form_validation { } return (MB_ENABLED === TRUE) - ? ($val >= mb_strlen($str)) - : ($val >= strlen($str)); + ? (intval($val) >= mb_strlen($str)) + : (intval($val) >= strlen($str)); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From ceaf887a7a849eab95b1bed1a837e2e3a1720c99 Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Fri, 15 Jun 2012 11:56:24 +0200 Subject: some optimizations --- system/libraries/Form_validation.php | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 621316c4a..6d4446d0c 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -998,14 +998,18 @@ class CI_Form_validation { */ public function min_length($str, $val) { - if (preg_match('/[^0-9]/', $val)) + if ( ! is_numeric($val)) { return FALSE; } + else + { + $val = (int) $val; + } return (MB_ENABLED === TRUE) - ? (intval($val) <= mb_strlen($str)) - : (intval($val) <= strlen($str)); + ? ($val <= mb_strlen($str)) + : ($val <= strlen($str)); } // -------------------------------------------------------------------- @@ -1019,14 +1023,18 @@ class CI_Form_validation { */ public function max_length($str, $val) { - if (preg_match('/[^0-9]/', $val)) + if ( ! is_numeric($val)) { return FALSE; } + else + { + $val = (int) $val; + } return (MB_ENABLED === TRUE) - ? (intval($val) >= mb_strlen($str)) - : (intval($val) >= strlen($str)); + ? ($val >= mb_strlen($str)) + : ($val >= strlen($str)); } // -------------------------------------------------------------------- @@ -1040,14 +1048,18 @@ class CI_Form_validation { */ public function exact_length($str, $val) { - if (preg_match('/[^0-9]/', $val)) + if ( ! is_numeric($val)) { return FALSE; } + else + { + $val = (int) $val; + } return (MB_ENABLED === TRUE) - ? (mb_strlen($str) === intval($val)) - : (strlen($str) === intval($val)); + ? (mb_strlen($str) === $val) + : (strlen($str) === $val); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From e446ad337945b7839b73f13531b21ed16ece241e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 15 Jun 2012 15:23:41 +0300 Subject: Optimize encode_php_tags() --- system/libraries/Form_validation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 6d4446d0c..fb1c69caf 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1382,7 +1382,7 @@ class CI_Form_validation { */ public function encode_php_tags($str) { - return str_replace(array(''), array('<?php', '<?PHP', '<?', '?>'), $str); + return str_replace(array(''), array('<?', '?>'), $str); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 6ac514484fffd9700c6ecc57cfa1b1fd105e37f6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 18 Jun 2012 13:05:17 +0300 Subject: Fix issue #1328 --- system/libraries/Form_validation.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index fb1c69caf..db773e252 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -649,7 +649,12 @@ class CI_Form_validation { } else { - $postdata = $this->_field_data[$row['field']]['postdata']; + // If we get an array field, but it's not expected - then it is most likely + // somebody messing with the form on the client side, so we'll just consider + // it an empty field + $postdata = is_array($this->_field_data[$row['field']]['postdata']) + ? NULL + : $this->_field_data[$row['field']]['postdata']; } // Is the rule a callback? -- cgit v1.2.3-24-g4f1b From 8d3099d4e5261e0f044c7fcd8b3ab7724645aa8d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 21 Jun 2012 16:00:20 +0300 Subject: Fix issue #79 --- system/libraries/Form_validation.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index db773e252..4bb29e41b 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -571,8 +571,7 @@ class CI_Form_validation { { foreach ($postdata as $key => $val) { - $this->_execute($row, $rules, $val, $cycles); - $cycles++; + $this->_execute($row, $rules, $val, $key); } return; -- cgit v1.2.3-24-g4f1b From 290f0046df6a1cf0e6f48f5b7f0043278475bea8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 26 Jun 2012 11:13:53 +0300 Subject: Fix issue #1533 --- system/libraries/Form_validation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 4bb29e41b..484e306b9 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1277,7 +1277,7 @@ class CI_Form_validation { */ public function is_natural_no_zero($str) { - return ($str !== 0 && preg_match('/^[0-9]+$/', $str)); + return ($str && preg_match('/^[0-9]+$/', $str)); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 1a24a9da3cfbacf8802ffd0b79f5494d30278007 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 27 Jun 2012 00:52:47 +0300 Subject: Fix issue #427 --- system/libraries/Form_validation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 484e306b9..0d9c65f6f 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1360,7 +1360,7 @@ class CI_Form_validation { */ public function strip_image_tags($str) { - return $this->CI->input->strip_image_tags($str); + return $this->CI->security->strip_image_tags($str); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From e01db4bfe805f9c9293609089381aaa0cb7afab4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 27 Jun 2012 00:55:59 +0300 Subject: Correct solution to #1533 --- system/libraries/Form_validation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 0d9c65f6f..e7b89d0c4 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1277,7 +1277,7 @@ class CI_Form_validation { */ public function is_natural_no_zero($str) { - return ($str && preg_match('/^[0-9]+$/', $str)); + return ($str != 0 && preg_match('/^[0-9]+$/', $str)); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From acb962e5aa6fb607751dc2012ff6df25acbd518b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 27 Jun 2012 12:04:24 +0300 Subject: Use ctype_* functions in Form_validation instead of PCRE when possible --- system/libraries/Form_validation.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index e7b89d0c4..8e03e91f3 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1129,7 +1129,7 @@ class CI_Form_validation { */ public function alpha($str) { - return (bool) preg_match('/^[a-z]+$/i', $str); + return ctype_alpha($str); } // -------------------------------------------------------------------- @@ -1142,7 +1142,7 @@ class CI_Form_validation { */ public function alpha_numeric($str) { - return (bool) preg_match('/^[a-z0-9]+$/i', $str); + return ctype_alnum((string) $str); } // -------------------------------------------------------------------- @@ -1264,7 +1264,7 @@ class CI_Form_validation { */ public function is_natural($str) { - return (bool) preg_match('/^[0-9]+$/', $str); + return ctype_digit((string) $str); } // -------------------------------------------------------------------- @@ -1277,7 +1277,7 @@ class CI_Form_validation { */ public function is_natural_no_zero($str) { - return ($str != 0 && preg_match('/^[0-9]+$/', $str)); + return ($str != 0 && ctype_digit((string) $str)); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b