Blame | Last modification | View Log | RSS feed
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');/*** CodeIgniter** An open source application development framework for PHP 4.3.2 or newer** @package CodeIgniter* @author ExpressionEngine Dev Team* @copyright Copyright (c) 2008, EllisLab, Inc.* @license http://codeigniter.com/user_guide/license.html* @link http://codeigniter.com* @since Version 1.0* @filesource*/// ------------------------------------------------------------------------/*** Validation Class** @package CodeIgniter* @subpackage Libraries* @category Validation* @author ExpressionEngine Dev Team* @link http://codeigniter.com/user_guide/libraries/validation.html*/class CI_Validation {var $CI;var $error_string = '';var $_error_array = array();var $_rules = array();var $_fields = array();var $_error_messages = array();var $_current_field = '';var $_safe_form_data = FALSE;var $_error_prefix = '<p>';var $_error_suffix = '</p>';/*** Constructor**/function CI_Validation(){$this->CI =& get_instance();if (function_exists('mb_internal_encoding')){mb_internal_encoding($this->CI->config->item('charset'));}log_message('debug', "Validation Class Initialized");}// --------------------------------------------------------------------/*** Set Fields** This function takes an array of field names as input* and generates class variables with the same name, which will* either be blank or contain the $_POST value corresponding to it** @access public* @param string* @param string* @return void*/function set_fields($data = '', $field = ''){if ($data == ''){if (count($this->_fields) == 0){return FALSE;}}else{if ( ! is_array($data)){$data = array($data => $field);}if (count($data) > 0){$this->_fields = $data;}}foreach($this->_fields as $key => $val){$this->$key = ( ! isset($_POST[$key])) ? '' : $this->prep_for_form($_POST[$key]);$error = $key.'_error';if ( ! isset($this->$error)){$this->$error = '';}}}// --------------------------------------------------------------------/*** Set Rules** This function takes an array of field names and validation* rules as input ad simply stores is for use later.** @access public* @param mixed* @param string* @return void*/function set_rules($data, $rules = ''){if ( ! is_array($data)){if ($rules == '')return;$data = array($data => $rules);}foreach ($data as $key => $val){$this->_rules[$key] = $val;}}// --------------------------------------------------------------------/*** Set Error Message** Lets users set their own error messages on the fly. Note: The key* name has to match the function name that it corresponds to.** @access public* @param string* @param string* @return string*/function set_message($lang, $val = ''){if ( ! is_array($lang)){$lang = array($lang => $val);}$this->_error_messages = array_merge($this->_error_messages, $lang);}// --------------------------------------------------------------------/*** Set The Error Delimiter** Permits a prefix/suffix to be added to each error message** @access public* @param string* @param string* @return void*/function set_error_delimiters($prefix = '<p>', $suffix = '</p>'){$this->_error_prefix = $prefix;$this->_error_suffix = $suffix;}// --------------------------------------------------------------------/*** Run the Validator** This function does all the work.** @access public* @return bool*/function run(){// Do we even have any data to process? Mm?if (count($_POST) == 0 OR count($this->_rules) == 0){return FALSE;}// Load the language file containing error messages$this->CI->lang->load('validation');// Cycle through the rules and test for errorsforeach ($this->_rules as $field => $rules){//Explode out the rules!$ex = explode('|', $rules);// Is the field required? If not, if the field is blank we'll move on to the next testif ( ! in_array('required', $ex, TRUE)){if ( ! isset($_POST[$field]) OR $_POST[$field] == ''){continue;}}/** Are we dealing with an "isset" rule?** Before going further, we'll see if one of the rules* is to check whether the item is set (typically this* applies only to checkboxes). If so, we'll* test for it here since there's not reason to go* further*/if ( ! isset($_POST[$field])){if (in_array('isset', $ex, TRUE) OR in_array('required', $ex)){if ( ! isset($this->_error_messages['isset'])){if (FALSE === ($line = $this->CI->lang->line('isset'))){$line = 'The field was not set';}}else{$line = $this->_error_messages['isset'];}// Build the error message$mfield = ( ! isset($this->_fields[$field])) ? $field : $this->_fields[$field];$message = sprintf($line, $mfield);// Set the error variable. Example: $this->username_error$error = $field.'_error';$this->$error = $this->_error_prefix.$message.$this->_error_suffix;$this->_error_array[] = $message;}continue;}/** Set the current field** The various prepping functions need to know the* current field name so they can do this:** $_POST[$this->_current_field] == 'bla bla';*/$this->_current_field = $field;// Cycle through the rules!foreach ($ex As $rule){// Is the rule a callback?$callback = FALSE;if (substr($rule, 0, 9) == 'callback_'){$rule = substr($rule, 9);$callback = TRUE;}// Strip the parameter (if exists) from the rule// Rules can contain a parameter: max_length[5]$param = FALSE;if (preg_match("/(.*?)\[(.*?)\]/", $rule, $match)){$rule = $match[1];$param = $match[2];}// Call the function that corresponds to the ruleif ($callback === TRUE){if ( ! method_exists($this->CI, $rule)){continue;}$result = $this->CI->$rule($_POST[$field], $param);// If the field isn't required and we just processed a callback we'll move on...if ( ! in_array('required', $ex, TRUE) AND $result !== FALSE){continue 2;}}else{if ( ! method_exists($this, $rule)){/** Run the native PHP function if called for** If our own wrapper function doesn't exist we see* if a native PHP function does. Users can use* any native PHP function call that has one param.*/if (function_exists($rule)){$_POST[$field] = $rule($_POST[$field]);$this->$field = $_POST[$field];}continue;}$result = $this->$rule($_POST[$field], $param);}// Did the rule test negatively? If so, grab the error.if ($result === FALSE){if ( ! isset($this->_error_messages[$rule])){if (FALSE === ($line = $this->CI->lang->line($rule))){$line = 'Unable to access an error message corresponding to your field name.';}}else{$line = $this->_error_messages[$rule];}// Build the error message$mfield = ( ! isset($this->_fields[$field])) ? $field : $this->_fields[$field];$mparam = ( ! isset($this->_fields[$param])) ? $param : $this->_fields[$param];$message = sprintf($line, $mfield, $mparam);// Set the error variable. Example: $this->username_error$error = $field.'_error';$this->$error = $this->_error_prefix.$message.$this->_error_suffix;// Add the error to the error array$this->_error_array[] = $message;continue 2;}}}$total_errors = count($this->_error_array);/** Recompile the class variables** If any prepping functions were called the $_POST data* might now be different then the corresponding class* variables so we'll set them anew.*/if ($total_errors > 0){$this->_safe_form_data = TRUE;}$this->set_fields();// Did we end up with any errors?if ($total_errors == 0){return TRUE;}// Generate the error stringforeach ($this->_error_array as $val){$this->error_string .= $this->_error_prefix.$val.$this->_error_suffix."\n";}return FALSE;}// --------------------------------------------------------------------/*** Required** @access public* @param string* @return bool*/function required($str){if ( ! is_array($str)){return (trim($str) == '') ? FALSE : TRUE;}else{return ( ! empty($str));}}// --------------------------------------------------------------------/*** Match one field to another** @access public* @param string* @param field* @return bool*/function matches($str, $field){if ( ! isset($_POST[$field])){return FALSE;}return ($str !== $_POST[$field]) ? FALSE : TRUE;}// --------------------------------------------------------------------/*** Minimum Length** @access public* @param string* @param value* @return bool*/function min_length($str, $val){if (preg_match("/[^0-9]/", $val)){return FALSE;}if (function_exists('mb_strlen')){return (mb_strlen($str) < $val) ? FALSE : TRUE;}return (strlen($str) < $val) ? FALSE : TRUE;}// --------------------------------------------------------------------/*** Max Length** @access public* @param string* @param value* @return bool*/function max_length($str, $val){if (preg_match("/[^0-9]/", $val)){return FALSE;}if (function_exists('mb_strlen')){return (mb_strlen($str) > $val) ? FALSE : TRUE;}return (strlen($str) > $val) ? FALSE : TRUE;}// --------------------------------------------------------------------/*** Exact Length** @access public* @param string* @param value* @return bool*/function exact_length($str, $val){if (preg_match("/[^0-9]/", $val)){return FALSE;}if (function_exists('mb_strlen')){return (mb_strlen($str) != $val) ? FALSE : TRUE;}return (strlen($str) != $val) ? FALSE : TRUE;}// --------------------------------------------------------------------/*** Valid Email** @access public* @param string* @return bool*/function valid_email($str){return ( ! preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE;}// --------------------------------------------------------------------/*** Valid Emails** @access public* @param string* @return bool*/function valid_emails($str){if (strpos($str, ',') === FALSE){return $this->valid_email(trim($str));}foreach(explode(',', $str) as $email){if (trim($email) != '' && $this->valid_email(trim($email)) === FALSE){return FALSE;}}return TRUE;}// --------------------------------------------------------------------/*** Validate IP Address** @access public* @param string* @return string*/function valid_ip($ip){return $this->CI->input->valid_ip($ip);}// --------------------------------------------------------------------/*** Alpha** @access public* @param string* @return bool*/function alpha($str){return ( ! preg_match("/^([a-z])+$/i", $str)) ? FALSE : TRUE;}// --------------------------------------------------------------------/*** Alpha-numeric** @access public* @param string* @return bool*/function alpha_numeric($str){return ( ! preg_match("/^([a-z0-9])+$/i", $str)) ? FALSE : TRUE;}// --------------------------------------------------------------------/*** Alpha-numeric with underscores and dashes** @access public* @param string* @return bool*/function alpha_dash($str){return ( ! preg_match("/^([-a-z0-9_-])+$/i", $str)) ? FALSE : TRUE;}// --------------------------------------------------------------------/*** Numeric** @access public* @param string* @return bool*/function numeric($str){return (bool)preg_match( '/^[\-+]?[0-9]*\.?[0-9]+$/', $str);}// --------------------------------------------------------------------/*** Is Numeric** @access public* @param string* @return bool*/function is_numeric($str){return ( ! is_numeric($str)) ? FALSE : TRUE;}// --------------------------------------------------------------------/*** Integer** @access public* @param string* @return bool*/function integer($str){return (bool)preg_match( '/^[\-+]?[0-9]+$/', $str);}// --------------------------------------------------------------------/*** Is a Natural number (0,1,2,3, etc.)** @access public* @param string* @return bool*/function is_natural($str){return (bool)preg_match( '/^[0-9]+$/', $str);}// --------------------------------------------------------------------/*** Is a Natural number, but not a zero (1,2,3, etc.)** @access public* @param string* @return bool*/function is_natural_no_zero($str){if ( ! preg_match( '/^[0-9]+$/', $str)){return FALSE;}if ($str == 0){return FALSE;}return TRUE;}// --------------------------------------------------------------------/*** Valid Base64** Tests a string for characters outside of the Base64 alphabet* as defined by RFC 2045 http://www.faqs.org/rfcs/rfc2045** @access public* @param string* @return bool*/function valid_base64($str){return (bool) ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str);}// --------------------------------------------------------------------/*** Set Select** Enables pull-down lists to be set to the value the user* selected in the event of an error** @access public* @param string* @param string* @return string*/function set_select($field = '', $value = ''){if ($field == '' OR $value == '' OR ! isset($_POST[$field])){return '';}if ($_POST[$field] == $value){return ' selected="selected"';}}// --------------------------------------------------------------------/*** Set Radio** Enables radio buttons to be set to the value the user* selected in the event of an error** @access public* @param string* @param string* @return string*/function set_radio($field = '', $value = ''){if ($field == '' OR $value == '' OR ! isset($_POST[$field])){return '';}if ($_POST[$field] == $value){return ' checked="checked"';}}// --------------------------------------------------------------------/*** Set Checkbox** Enables checkboxes to be set to the value the user* selected in the event of an error** @access public* @param string* @param string* @return string*/function set_checkbox($field = '', $value = ''){if ($field == '' OR $value == '' OR ! isset($_POST[$field])){return '';}if ($_POST[$field] == $value){return ' checked="checked"';}}// --------------------------------------------------------------------/*** Prep data for form** This function allows HTML to be safely shown in a form.* Special characters are converted.** @access public* @param string* @return string*/function prep_for_form($data = ''){if (is_array($data)){foreach ($data as $key => $val){$data[$key] = $this->prep_for_form($val);}return $data;}if ($this->_safe_form_data == FALSE OR $data == ''){return $data;}return str_replace(array("'", '"', '<', '>'), array("'", """, '<', '>'), stripslashes($data));}// --------------------------------------------------------------------/*** Prep URL** @access public* @param string* @return string*/function prep_url($str = ''){if ($str == 'http://' OR $str == ''){$_POST[$this->_current_field] = '';return;}if (substr($str, 0, 7) != 'http://' && substr($str, 0, 8) != 'https://'){$str = 'http://'.$str;}$_POST[$this->_current_field] = $str;}// --------------------------------------------------------------------/*** Strip Image Tags** @access public* @param string* @return string*/function strip_image_tags($str){$_POST[$this->_current_field] = $this->CI->input->strip_image_tags($str);}// --------------------------------------------------------------------/*** XSS Clean** @access public* @param string* @return string*/function xss_clean($str){$_POST[$this->_current_field] = $this->CI->input->xss_clean($str);}// --------------------------------------------------------------------/*** Convert PHP tags to entities** @access public* @param string* @return string*/function encode_php_tags($str){$_POST[$this->_current_field] = str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str);}}// END Validation Class/* End of file Validation.php *//* Location: ./system/libraries/Validation.php */