<?php
/**
* CodeIgniter
*
* An open source application development framework for PHP 4.3.2 or newer
*
* @package CodeIgniter
* @author ExpressionEngine Dev Team
* @copyright Copyright (c) 2006, EllisLab, Inc.
* @license http://codeigniter.com/user_guide/license.html
* @link http://codeigniter.com
* @since Version 1.0
* @filesource
*/
// ------------------------------------------------------------------------
/**
* Validation Class
*
*
*
*
*
* $rules['username'] = "required";
$rules['password'] = "required";
$rules['passconf'] = "required";
$rules['email'] = "required";
$this->validation->set_rules($rules);
if ($this->validation->run() == FALSE)
{
$this->load->view('myform');
}
else
{
$this->load->view('formsuccess');
}
*
*
*
*
* @package CodeIgniter
* @subpackage Libraries
* @category Validation
* @author ExpressionEngine Dev Team
* @link http://codeigniter.com/user_guide/libraries/validation.html
*
*/
class Validation {
var $error_string = '';
var $success_string = '';
var $_error_array = array();
var $_rules = array();
var $_fields = array();
var $_error_messages = array();
var $_current_field = '';
var $_safe_form_data = FALSE;
var $_error_prefix = '<p>';
var $_error_suffix = '</p>';
private static $_instance = null;
private $_controller = null;
/**
* Constructor
*
*/
private function __construct()
{
//log_message('debug', "Validation Class Initialized");
// set default messages
$this->_error_messages = array('required' => __('The %s field is required.'),
'isset' => __('The %s field must have a value.'),
'valid_email' => __('The %s field must contain a valid email address.'),
'valid_url' => __('The %s field must contain a valid URL.'),
'valid_ip' => __('The %s field must contain a valid IP.'),
'min_length' => __('The %s field must be at least %s characters in length.'),
'max_length' => __('The %s field can not exceed %s characters in length.'),
'exact_length' => __('The %s field must be exactly %s characters in length.'),
'alpha' => __('The %s field may only contain alphabetical characters.'),
'alpha_numeric' => __('The %s field may only contain alpha-numeric characters.'),
'alpha_dash' => __('The %s field may only contain alpha-numeric characters, underscores, and dashes.'),
'numeric' => __('The %s field must contain a number.'),
'integer' => __('The %s field must contain an integer.'),
'matches' => __('The %s field does not match the %s field.'));
}
static public function getInstance() {
if(is_null(self::$_instance))
{
self::$_instance = new self();
}
return self::$_instance;
}
// --------------------------------------------------------------------
function set_controller($controller)
{
$this->_controller = $controller;
}
/**
* Set Fields
*
* This function takes an array of field names as input
* and generates class variables with the same name, which will
* either be blank or contain the $_POST value corresponding to it
*
* @access public
* @param string
* @param string
* @return void
*/
function set_fields($data = '', $field = '')
{
if ($data == '')
{
if (count($this->_fields) == 0)
{
return FALSE;
}
}
else
{
if ( ! is_array($data))
{
$data = array($data => $field);
}
if (count($data) > 0)
{
$this->_fields = $data;
}
}
foreach($this->_fields as $key => $val)
{
$this->$key = ( ! isset($_POST[$key])) ? '' : $this->prep_for_form($_POST[$key]);
$error = $key.'_error';
if ( ! isset($this->$error))
{
$this->$error = '';
}
}
}
// --------------------------------------------------------------------
/**
* Set Rules
*
* This function takes an array of field names and validation
* rules as input ad simply stores is for use later.
*
* @access public
* @param mixed
* @param string
* @return void
*/
function set_rules($data, $rules = '')
{
if ( ! is_array($data))
{
if ($rules == '')
return;
$data[$data] = $rules;
}
foreach ($data as $key => $val)
{
$this->_rules[$key] = $val;
}
}
// --------------------------------------------------------------------
/**
* Set Error Message
*
* Lets users set their own error messages on the fly. Note: The key
* name has to match the function name that it corresponds to.
*
* @access public
* @param string
* @param string
* @return string
*/
function set_message($lang, $val = '')
{
if ( ! is_array($lang))
{
$lang = array($lang => $val);
}
$this->_error_messages = array_merge($this->_error_messages, $lang);
}
// --------------------------------------------------------------------
/**
* Set The Error Delimiter
*
* Permits a prefix/suffix to be added to each error message
*
* @access public
* @param string
* @param string
* @return void
*/
function set_error_delimiters($prefix = '<p>', $suffix = '</p>')
{
$this->_error_prefix = $prefix;
$this->_error_suffix = $suffix;
}
// --------------------------------------------------------------------
/**
* Run the Validator
*
* This function does all the work.
*
* @access public
* @return bool
*/
function run()
{
// Do we even have any data to process? Mm?
if (count($_POST) == 0 OR count($this->_rules) == 0)
{
return FALSE;
}
// Cycle through the rules and test for errors
foreach ($this->_rules as $field => $rules)
{
//Explode out the rules!
$ex = explode('|', $rules);
// Is the field required? If not, if the field is blank we'll move on to the next test
if ( ! in_array('required', $ex, TRUE))
{
if ( ! isset($_POST[$field]) OR $_POST[$field] == '')
{
continue;
}
}
/*
* Are we dealing with an "isset" rule?
*
* Before going further, we'll see if one of the rules
* is to check whether the item is set (typically this
* applies only to checkboxes). If so, we'll
* test for it here since there's not reason to go
* further
*/
if ( ! isset($_POST[$field]))
{
if (in_array('isset', $ex, TRUE) OR in_array('required', $ex))
{
$line = $this->_error_messages['isset'];
// Build the error message
// Common field name can be translated (password, name, email, confirm...)
$mfield = ( ! isset($this->_fields[$field])) ? __($field) : $this->_fields[$field];
$message = sprintf($line, $mfield);
// Set the error variable. Example: $this->username_error
$error = $field.'_error';
$this->$error = $this->_error_prefix.$message.$this->_error_suffix;
$this->_error_array[] = $message;
}
continue;
}
/*
* Set the current field
*
* The various prepping functions need to know the
* current field name so they can do this:
*
* $_POST[$this->_current_field] == 'bla bla';
*/
$this->_current_field = $field;
// Cycle through the rules!
foreach ($ex As $rule)
{
// Is the rule a callback?
$callback = FALSE;
if (substr($rule, 0, 9) == 'callback_')
{
$rule = substr($rule, 9);
$callback = TRUE;
}
// Strip the parameter (if exists) from the rule
// Rules can contain a parameter: max_length[5]
$param = FALSE;
if (preg_match("/(.*?)\[(.*?)\]/", $rule, $match))
{
$rule = $match[1];
$param = $match[2];
}
// Call the function that corresponds to the rule
if ($callback === TRUE)
{
if ( ! method_exists($this->_controller, $rule))
{
continue;
}
$result = $this->_controller->$rule($_POST[$field], $param);
// If the field isn't required and we just processed a callback we'll move on...
if ( ! in_array('required', $ex, TRUE) AND $result !== FALSE)
{
continue 2;
}
}
else
{
if ( ! method_exists($this, $rule))
{
/*
* Run the native PHP function if called for
*
* If our own wrapper function doesn't exist we see
* if a native PHP function does. Users can use
* any native PHP function call that has one param.
*/
if (function_exists($rule))
{
$_POST[$field] = $rule($_POST[$field]);
$this->$field = $_POST[$field];
}
continue;
}
$result = $this->$rule($_POST[$field], $param);
}
// Did the rule test negatively? If so, grab the error.
if ($result === FALSE)
{
if ( ! isset($this->_error_messages[$rule]))
{
$line = 'Unable to access an error message corresponding to your field name.';
}
else
{
$line = $this->_error_messages[$rule];
}
// Build the error message
// Common field name can be translated (password, name, email, confirm...)
$mfield = ( ! isset($this->_fields[$field])) ? __($field) : $this->_fields[$field];
$mparam = ( ! isset($this->_fields[$param])) ? __($param) : $this->_fields[$param];
$message = sprintf($line, $mfield, $mparam);
// Set the error variable. Example: $this->username_error
$error = $field.'_error';
$this->$error = $this->_error_prefix.$message.$this->_error_suffix;
// Add the error to the error array
$this->_error_array[] = $message;
continue 2;
}
}
}
$total_errors = count($this->_error_array);
/*
* Recompile the class variables
*
* If any prepping functions were called the $_POST data
* might now be different then the corresponding class
* variables so we'll set them anew.
*/
if ($total_errors > 0)
{
$this->_safe_form_data = TRUE;
}
$this->set_fields();
// Did we end up with any errors?
if ($total_errors == 0)
{
return TRUE;
}
// Generate the error string
foreach ($this->_error_array as $val)
{
$this->error_string .= $this->_error_prefix.$val.$this->_error_suffix."\n";
}
return FALSE;
}
// --------------------------------------------------------------------
/**
* Required
*
* @access public
* @param string
* @return bool
*/
function required($str)
{
if ( ! is_array($str))
{
return (trim($str) == '') ? FALSE : TRUE;
}
else
{
return ( ! empty($str));
}
}
// --------------------------------------------------------------------
/**
* Match one field to another
*
* @access public
* @param string
* @return bool
*/
function matches($str, $field)
{
if ( ! isset($_POST[$field]))
{
return FALSE;
}
return ($str !== $_POST[$field]) ? FALSE : TRUE;
}
// --------------------------------------------------------------------
/**
* Minimum Length
*
* @access public
* @param string
* @return bool
*/
function min_length($str, $val)
{
if (preg_match("/[^0-9]/", $val))
{
return FALSE;
}
return (strlen($str) < $val) ? FALSE : TRUE;
}
// --------------------------------------------------------------------
/**
* Max Length
*
* @access public
* @param string
* @return bool
*/
function max_length($str, $val)
{
if (preg_match("/[^0-9]/", $val))
{
return FALSE;
}
return (strlen($str) > $val) ? FALSE : TRUE;
}
// --------------------------------------------------------------------
/**
* Exact Length
*
* @access public
* @param string
* @return bool
*/
function exact_length($str, $val)
{
if (preg_match("/[^0-9]/", $val))
{
return FALSE;
}
return (strlen($str) != $val) ? FALSE : TRUE;
}
// --------------------------------------------------------------------
/**
* Valid Email
*
* @access public
* @param string
* @return bool
*/
function valid_email($str)
{
return ( ! preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE;
}
// --------------------------------------------------------------------
/**
* Validate IP Address
*
* @access public
* @param string
* @return string
*/
function valid_ip($ip)
{
return $this->input()->valid_ip($ip);
}
// --------------------------------------------------------------------
/**
* Alpha
*
* @access public
* @param string
* @return bool
*/
function alpha($str)
{
return ( ! preg_match("/^([a-z])+$/i", $str)) ? FALSE : TRUE;
}
// --------------------------------------------------------------------
/**
* Alpha-numeric
*
* @access public
* @param string
* @return bool
*/
function alpha_numeric($str)
{
return ( ! preg_match("/^([a-z0-9])+$/i", $str)) ? FALSE : TRUE;
}
// --------------------------------------------------------------------
/**
* Alpha-numeric with underscores and dashes
*
* @access public
* @param string
* @return bool
*/
function alpha_dash($str)
{
return ( ! preg_match("/^([-a-z0-9_-])+$/i", $str)) ? FALSE : TRUE;
}
// --------------------------------------------------------------------
/**
* Numeric
*
* @access public
* @param string
* @return bool
*/
function numeric($str)
{
return (bool)preg_match( '/^[\-+]?[0-9]*\.?[0-9]+$/', $str);
}
// --------------------------------------------------------------------
/**
* Is Numeric
*
* @access public
* @param string
* @return bool
*/
function is_numeric($str)
{
return ( ! is_numeric($str)) ? FALSE : TRUE;
}
// --------------------------------------------------------------------
/**
* Integer
*
* @access public
* @param string
* @return bool
*/
function integer($str)
{
return (bool)preg_match( '/^[\-+]?[0-9]+$/', $str);
}
// --------------------------------------------------------------------
/**
* Valid Base64
*
* Tests a string for characters outside of the Base64 alphabet
* as defined by RFC 2045 http://www.faqs.org/rfcs/rfc2045
*
* @access public
* @param string
* @return bool
*/
function valid_base64($str)
{
return (bool) ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str);
}
// --------------------------------------------------------------------
/**
* Set Select
*
* Enables pull-down lists to be set to the value the user
* selected in the event of an error
*
* @access public
* @param string
* @param string
* @return string
*/
function set_select($field = '', $value = '')
{
if ($field == '' OR $value == '' OR ! isset($_POST[$field]))
{
return '';
}
if ($_POST[$field] == $value)
{
return ' selected="selected"';
}
}
// --------------------------------------------------------------------
/**
* Set Radio
*
* Enables radio buttons to be set to the value the user
* selected in the event of an error
*
* @access public
* @param string
* @param string
* @return string
*/
function set_radio($field = '', $value = '')
{
if ($field == '' OR $value == '' OR ! isset($_POST[$field]))
{
return '';
}
if ($_POST[$field] == $value)
{
return ' checked="checked"';
}
}
// --------------------------------------------------------------------
/**
* Set Checkbox
*
* Enables checkboxes to be set to the value the user
* selected in the event of an error
*
* @access public
* @param string
* @param string
* @return string
*/
function set_checkbox($field = '', $value = '')
{
if ($field == '' OR $value == '' OR ! isset($_POST[$field]))
{
return '';
}
if ($_POST[$field] == $value)
{
return ' checked="checked"';
}
}
// --------------------------------------------------------------------
/**
* Prep data for form
*
* This function allows HTML to be safely shown in a form.
* Special characters are converted.
*
* @access public
* @param string
* @return string
*/
function prep_for_form($data = '')
{
if (is_array($data))
{
foreach ($data as $key => $val)
{
$data[$key] = $this->prep_for_form($val);
}
}
if ($this->_safe_form_data == FALSE OR $data == '')
{
return $data;
}
return str_replace(array("'", '"', '<', '>'), array("'", """, '<', '>'), stripslashes($data));
}
// --------------------------------------------------------------------
/**
* Prep URL
*
* @access public
* @param string
* @return string
*/
function prep_url($str = '')
{
if ($str == 'http://' OR $str == '')
{
$_POST[$this->_current_field] = '';
return;
}
if (substr($str, 0, 7) != 'http://' && substr($str, 0, 8) != 'https://')
{
$str = 'http://'.$str;
}
$_POST[$this->_current_field] = $str;
}
// --------------------------------------------------------------------
/**
* Strip Image Tags
*
* @access public
* @param string
* @return string
*/
function strip_image_tags($str)
{
$_POST[$this->_current_field] = $this->input()->strip_image_tags($str);
}
// --------------------------------------------------------------------
/**
* XSS Clean
*
* @access public
* @param string
* @return string
*/
function xss_clean($str)
{
$_POST[$this->_current_field] = $this->input()->xss_clean($str);
}
// --------------------------------------------------------------------
/**
* Convert PHP tags to entities
*
* @access public
* @param string
* @return string
*/
function encode_php_tags($str)
{
$_POST[$this->_current_field] = str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str);
}
public function input()
{
return Input::getInstance();
}
public function messages($class='msg')
{
echo $this->messages_dump($class);
}
public function messages_dump($class='msg')
{
if(count($this->_error_array))
{
// Generate the error string
foreach ($this->_error_array as $val)
{
$error_string .= $this->_error_prefix.$val.$this->_error_suffix."\n";
}
$r = '<div class="'.$class.'-error">'.$error_string.'</div>';
}
if($this->success_string)
{
// show success message
$r = '<div class="'.$class.'-success">'.$this->success_string.'</div>';
}
if(Flash::get('error'))
{
$r = '<div class="'.$class.'-error">'.Flash::get('error').'</div>';
}
if(Flash::get('success'))
{
$r = '<div class="'.$class.'-success">'.Flash::get('success').'</div>';
}
return $r;
}
public function set_error($message, $field='')
{
// Set the error variable. Example: $this->username_error
if($field!=='')
{
$error = $field.'_error';
$this->$error = $this->_error_prefix.$message.$this->_error_suffix;
}
$this->_error_array[] = $message;
}
public function set_success($message)
{
$this->success_string = $message;
}
}
// END Validation Class
?>