diff msitegen.inc.php @ 184:1b30c2107e5b
Add function for validating input with different definable conditions. Use
this functionality in register.inc.php. Define field sizes.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Fri, 08 Nov 2013 18:54:54 +0200 |
parents | a3f0f2a3551a |
children | 96ab189e5c03 |
--- a/msitegen.inc.php Fri Nov 08 12:08:16 2013 +0200
+++ b/msitegen.inc.php Fri Nov 08 18:54:54 2013 +0200
@@ -9,11 +9,19 @@
 $errorSet = FALSE;
 $errorMsg = "";
+// Value types
 define("VT_STR", 1);
 define("VT_INT", 2);
 define("VT_BOOL", 3);
 define("VT_TEXT", 4);
+// Validation check types
+define("CHK_TYPE", 1);
+define("CHK_ISLT", 2);
+define("CHK_ISGT", 3);
+define("CHK_ISEQ", 4);
+define("CHK_CUSTOM", 5);
+
 function stDebug($msg)
 {
@@ -206,15 +214,97 @@
 }
-function stChkDataItem($name)
+function stErrorStrF($msg, $data)
 {
- return !isset($_REQUEST[$name]) || strlen(trim($_REQUEST[$name])) < 1;
+ stError($msg);
+ return FALSE;
 }
-function stChkRequestItem($name)
+//
+// Check and validate one item from $_REQUEST[], based on
+// list of validation conditions. For example:
+//
+// stChkRequestItem("name", FALSE,
+// array(CHK_ISGT, VT_STR, 0, "Handle / name not given."),
+// array(CHK_ISGT, VT_STR, 3, "Handle / name too short, should be 3 characters or more."),
+// array(CHK_ISLT, VT_STR, SET_LEN_USERNAME, "Handle / name is too long, should be less than ".SET_LEN_USERNAME." characters."));
+//
+function stChkRequestItem($name, &$sdata)
 {
- return isset($_REQUEST[$name]);
+ if (!isset($_REQUEST[$name]))
+ return FALSE;
+
+ $data = trim($_REQUEST[$name]);
+ $slen = strlen($data);
+
+ if ($sdata !== FALSE)
+ $sdata = $data;
+
+ // Go through list of validation checks
+ $argc = func_num_args();
+ $argv = func_get_args();
+
+ for ($argn = 2; $argn < $argc; $argn++)
+ {
+ // Act according to check type
+ $check = $argv[$argn];
+ switch ($check[0])
+ {
+ case CHK_TYPE:
+ // Check type of the data
+ switch ($check[1])
+ {
+ case VT_STR:
+ if ($slen == 0)
+ return stErrorStrF($check[2], $data);
+ break;
+
+ case VT_INT:
+ case VT_BOOL:
+ if ($slen == 0 || !is_numeric($data))
+ return stErrorStrF($check[2], $data);
+ break;
+ }
+ break;
+
+ case CHK_ISLT:
+ case CHK_ISGT:
+ case CHK_ISEQ:
+ // Check length or value of the data
+ switch ($check[1])
+ {
+ case VT_STR:
+ case VT_TEXT:
+ // Strings get their length checked
+ if (($check[0] == CHK_ISLT && $slen >= $check[2]) ||
+ ($check[0] == CHK_ISGT && $slen <= $check[2]) ||
+ ($check[0] == CHK_ISEQ && $slen != $check[2]))
+ return stErrorStrF($check[3], $data);
+ break;
+
+ case VT_INT:
+ case VT_BOOL:
+ // Integer values checked against .. value
+ $sval = to_int($data);
+ if (($check[0] == CHK_ISLT && $sval >= $check[2]) ||
+ ($check[0] == CHK_ISGT && $sval <= $check[2]) ||
+ ($check[0] == CHK_ISEQ && $sval != $check[2]))
+ return stErrorStrF($check[3], $data);
+ break;
+ }
+ break;
+
+ case CHK_CUSTOM:
+ // Call a custom function (or closure)
+ $func = $check[1];
+ if (!is_callable($func) || !$func($data))
+ return stErrorStrF($check[2], $data);
+ break;
+ }
+ }
+
+ return TRUE;
 }
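Review bot: The `VT_INT`/`VT_BOOL` branch of `CHK_TYPE` in `stChkRequestItem()` accepts anything `is_numeric()` accepts, which includes decimals, signed values and exponent forms such as `1e5`, so a field declared as an integer can pass validation with a non-integer string; what the later `to_int($data)` makes of it depends on a helper that is not visible in this hunk. A stricter test such as `if ($slen == 0 || filter_var($data, FILTER_VALIDATE_INT) === FALSE)` would keep the check in line with the declared type. Separately, `trim($_REQUEST[$name])` assumes a string, but a parameter submitted as `name[]=...` arrives as an array, so an `is_string($_REQUEST[$name])` guard next to the `isset()` test would reject it explicitly instead of relying on `trim()`'s warning behaviour. Neither the outer nor the inner `switch` has a `default`, so an unrecognised check or value type is skipped silently and the item still validates; adding `default: return stErrorStrF("Invalid validation rule.", $data);` would make the function fail closed.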