Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
bc77d7c0 | 4 | | Copyright CiviCRM LLC. All rights reserved. | |
6a488035 | 5 | | | |
bc77d7c0 TO |
6 | | This work is published under the GNU AGPLv3 license with some | |
7 | | permitted exceptions and without any warranty. For full license | | |
8 | | and copyright information, see https://civicrm.org/licensing | | |
6a488035 | 9 | +--------------------------------------------------------------------+ |
d25dd0ee | 10 | */ |
6a488035 TO |
11 | |
12 | /** | |
13 | * | |
14 | * @package CRM | |
ca5cec67 | 15 | * @copyright CiviCRM LLC https://civicrm.org/licensing |
6a488035 TO |
16 | */ |
17 | ||
18 | require_once 'HTML/QuickForm/Rule/Email.php'; | |
f942c321 | 19 | |
5bc392e6 EM |
20 | /** |
21 | * Class CRM_Utils_Rule | |
22 | */ | |
6a488035 TO |
23 | class CRM_Utils_Rule { |
24 | ||
5bc392e6 EM |
25 | /** |
26 | * @param $str | |
27 | * @param int $maxLength | |
28 | * | |
29 | * @return bool | |
30 | */ | |
00be9182 | 31 | public static function title($str, $maxLength = 127) { |
6a488035 TO |
32 | |
33 | // check length etc | |
34 | if (empty($str) || strlen($str) > $maxLength) { | |
35 | return FALSE; | |
36 | } | |
37 | ||
38 | // Make sure it include valid characters, alpha numeric and underscores | |
39 | if (!preg_match('/^\w[\w\s\'\&\,\$\#\-\.\"\?\!]+$/i', $str)) { | |
40 | return FALSE; | |
41 | } | |
42 | ||
43 | return TRUE; | |
44 | } | |
45 | ||
5bc392e6 EM |
46 | /** |
47 | * @param $str | |
48 | * | |
49 | * @return bool | |
50 | */ | |
00be9182 | 51 | public static function longTitle($str) { |
6a488035 TO |
52 | return self::title($str, 255); |
53 | } | |
54 | ||
5bc392e6 EM |
55 | /** |
56 | * @param $str | |
57 | * | |
58 | * @return bool | |
59 | */ | |
00be9182 | 60 | public static function variable($str) { |
6a488035 TO |
61 | // check length etc |
62 | if (empty($str) || strlen($str) > 31) { | |
63 | return FALSE; | |
64 | } | |
65 | ||
50bfb460 | 66 | // make sure it includes valid characters, alpha numeric and underscores |
6a488035 TO |
67 | if (!preg_match('/^[\w]+$/i', $str)) { |
68 | return FALSE; | |
69 | } | |
70 | ||
71 | return TRUE; | |
72 | } | |
73 | ||
00f11506 | 74 | /** |
a33b83c5 | 75 | * Validate that a string is a valid MySQL column name or alias. |
b794b580 | 76 | * |
00f11506 MM |
77 | * @param $str |
78 | * | |
79 | * @return bool | |
80 | */ | |
a33b83c5 | 81 | public static function mysqlColumnNameOrAlias($str) { |
10ed14b0 MM |
82 | // Check not empty. |
83 | if (empty($str)) { | |
00f11506 MM |
84 | return FALSE; |
85 | } | |
86 | ||
7cec4a9a CB |
87 | // Ensure $str conforms to expected format. Not a complete expression of |
88 | // what MySQL permits; this should permit the formats CiviCRM generates. | |
89 | // | |
90 | // * Table name prefix is optional. | |
91 | // * Table & column names & aliases: | |
92 | // * Composed of alphanumeric chars, underscore and hyphens. | |
93 | // * Maximum length of 64 chars. | |
94 | // * Optionally surrounded by backticks, in which case spaces also OK. | |
38c9ed00 | 95 | if (!preg_match('/^((`[-\w ]{1,64}`|[-\w]{1,64})\.)?(`[-\w ]{1,64}`|[-\w]{1,64})$/i', $str)) { |
00f11506 MM |
96 | return FALSE; |
97 | } | |
98 | ||
99 | return TRUE; | |
100 | } | |
101 | ||
102 | /** | |
b794b580 CB |
103 | * Validate that a string is ASC or DESC. |
104 | * | |
105 | * Empty string should be treated as invalid and ignored => default = ASC. | |
00f11506 | 106 | * |
b794b580 | 107 | * @param $str |
00f11506 MM |
108 | * @return bool |
109 | */ | |
b794b580 | 110 | public static function mysqlOrderByDirection($str) { |
00f11506 MM |
111 | if (!preg_match('/^(asc|desc)$/i', $str)) { |
112 | return FALSE; | |
113 | } | |
114 | ||
115 | return TRUE; | |
116 | } | |
117 | ||
0fa4baf0 MM |
118 | /** |
119 | * Validate that a string is valid order by clause. | |
120 | * | |
121 | * @param $str | |
122 | * @return bool | |
123 | */ | |
124 | public static function mysqlOrderBy($str) { | |
be2fb01f | 125 | $matches = []; |
9d5c7f14 | 126 | // Using the field function in order by is valid. |
127 | // Look for a string like field(contribution_status_id,3,4,6). | |
128 | // or field(civicrm_contribution.contribution_status_id,3,4,6) | |
129 | if (preg_match('/field\([a-z_.]+,[0-9,]+\)/', $str, $matches)) { | |
130 | // We have checked these. Remove them as they will fail the next lot. | |
131 | // Our check currently only permits numbers & no back ticks. If we get a | |
132 | // need for strings or backticks we can add. | |
133 | $str = str_replace($matches, '', $str); | |
134 | } | |
135 | $str = trim($str); | |
136 | if (!empty($matches) && empty($str)) { | |
137 | // nothing left to check after the field check. | |
138 | return TRUE; | |
139 | } | |
0fa4baf0 MM |
140 | // Making a regex for a comma separated list is quite hard and not readable |
141 | // at all, so we split and loop over. | |
142 | $parts = explode(',', $str); | |
143 | foreach ($parts as $part) { | |
a99e69c2 | 144 | if (!preg_match('/^((`[\w-]{1,64}`|[\w-]{1,64})\.)*(`[\w-]{1,64}`|[\w-]{1,64})( (asc|desc))?$/i', trim($part))) { |
0fa4baf0 MM |
145 | return FALSE; |
146 | } | |
147 | } | |
148 | ||
149 | return TRUE; | |
150 | } | |
151 | ||
5bc392e6 EM |
152 | /** |
153 | * @param $str | |
154 | * | |
155 | * @return bool | |
156 | */ | |
00be9182 | 157 | public static function qfVariable($str) { |
6a488035 TO |
158 | // check length etc |
159 | //if ( empty( $str ) || strlen( $str ) > 31 ) { | |
160 | if (strlen(trim($str)) == 0 || strlen($str) > 31) { | |
161 | return FALSE; | |
162 | } | |
163 | ||
50bfb460 | 164 | // make sure it includes valid characters, alpha numeric and underscores |
6a488035 TO |
165 | // added (. and ,) option (CRM-1336) |
166 | if (!preg_match('/^[\w\s\.\,]+$/i', $str)) { | |
167 | return FALSE; | |
168 | } | |
169 | ||
170 | return TRUE; | |
171 | } | |
172 | ||
5bc392e6 EM |
173 | /** |
174 | * @param $phone | |
175 | * | |
176 | * @return bool | |
177 | */ | |
00be9182 | 178 | public static function phone($phone) { |
6a488035 TO |
179 | // check length etc |
180 | if (empty($phone) || strlen($phone) > 16) { | |
181 | return FALSE; | |
182 | } | |
183 | ||
50bfb460 | 184 | // make sure it includes valid characters, (, \s and numeric |
6a488035 TO |
185 | if (preg_match('/^[\d\(\)\-\.\s]+$/', $phone)) { |
186 | return TRUE; | |
187 | } | |
188 | return FALSE; | |
189 | } | |
190 | ||
5bc392e6 EM |
191 | /** |
192 | * @param $query | |
193 | * | |
194 | * @return bool | |
195 | */ | |
00be9182 | 196 | public static function query($query) { |
6a488035 TO |
197 | // check length etc |
198 | if (empty($query) || strlen($query) < 3 || strlen($query) > 127) { | |
199 | return FALSE; | |
200 | } | |
201 | ||
50bfb460 | 202 | // make sure it includes valid characters, alpha numeric and underscores |
6a488035 TO |
203 | if (!preg_match('/^[\w\s\%\'\&\,\$\#]+$/i', $query)) { |
204 | return FALSE; | |
205 | } | |
206 | ||
207 | return TRUE; | |
208 | } | |
209 | ||
5bc392e6 EM |
210 | /** |
211 | * @param $url | |
212 | * | |
213 | * @return bool | |
214 | */ | |
00be9182 | 215 | public static function url($url) { |
c7cd4e2c | 216 | if (!$url) { |
217 | // If this is required then that should be checked elsewhere - here we are not assuming it is required. | |
218 | return TRUE; | |
219 | } | |
1136a401 | 220 | if (preg_match('/^\//', $url)) { |
221 | // allow relative URL's (CRM-15598) | |
222 | $url = 'http://' . $_SERVER['HTTP_HOST'] . $url; | |
223 | } | |
6a488035 TO |
224 | return (bool) filter_var($url, FILTER_VALIDATE_URL); |
225 | } | |
226 | ||
d9d7e7dd TO |
227 | /** |
228 | * @param $url | |
229 | * | |
230 | * @return bool | |
231 | */ | |
232 | public static function urlish($url) { | |
233 | if (empty($url)) { | |
234 | return TRUE; | |
235 | } | |
e3d28c74 | 236 | $url = Civi::paths()->getUrl($url, 'absolute'); |
d9d7e7dd TO |
237 | return (bool) filter_var($url, FILTER_VALIDATE_URL); |
238 | } | |
239 | ||
5bc392e6 EM |
240 | /** |
241 | * @param $string | |
242 | * | |
243 | * @return bool | |
244 | */ | |
00be9182 | 245 | public static function wikiURL($string) { |
6a488035 TO |
246 | $items = explode(' ', trim($string), 2); |
247 | return self::url($items[0]); | |
248 | } | |
249 | ||
5bc392e6 EM |
250 | /** |
251 | * @param $domain | |
252 | * | |
253 | * @return bool | |
254 | */ | |
00be9182 | 255 | public static function domain($domain) { |
6a488035 TO |
256 | // not perfect, but better than the previous one; see CRM-1502 |
257 | if (!preg_match('/^[A-Za-z0-9]([A-Za-z0-9\.\-]*[A-Za-z0-9])?$/', $domain)) { | |
258 | return FALSE; | |
259 | } | |
260 | return TRUE; | |
261 | } | |
262 | ||
5bc392e6 EM |
263 | /** |
264 | * @param $value | |
265 | * @param null $default | |
266 | * | |
267 | * @return null | |
268 | */ | |
00be9182 | 269 | public static function date($value, $default = NULL) { |
6a488035 TO |
270 | if (is_string($value) && |
271 | preg_match('/^\d\d\d\d-?\d\d-?\d\d$/', $value) | |
272 | ) { | |
273 | return $value; | |
274 | } | |
275 | return $default; | |
276 | } | |
277 | ||
5bc392e6 EM |
278 | /** |
279 | * @param $value | |
280 | * @param null $default | |
281 | * | |
282 | * @return null|string | |
283 | */ | |
00be9182 | 284 | public static function dateTime($value, $default = NULL) { |
6a488035 TO |
285 | $result = $default; |
286 | if (is_string($value) && | |
287 | preg_match('/^\d\d\d\d-?\d\d-?\d\d(\s\d\d:\d\d(:\d\d)?|\d\d\d\d(\d\d)?)?$/', $value) | |
288 | ) { | |
289 | $result = $value; | |
290 | } | |
291 | ||
292 | return $result; | |
293 | } | |
294 | ||
295 | /** | |
100fef9d | 296 | * Check the validity of the date (in qf format) |
6a488035 TO |
297 | * note that only a year is valid, or a mon-year is |
298 | * also valid in addition to day-mon-year. The date | |
299 | * specified has to be beyond today. (i.e today or later) | |
300 | * | |
301 | * @param array $date | |
77855840 TO |
302 | * @param bool $monthRequired |
303 | * Check whether month is mandatory. | |
6a488035 | 304 | * |
a6c01b45 CW |
305 | * @return bool |
306 | * true if valid date | |
6a488035 | 307 | */ |
00be9182 | 308 | public static function currentDate($date, $monthRequired = TRUE) { |
6a488035 TO |
309 | $config = CRM_Core_Config::singleton(); |
310 | ||
311 | $d = CRM_Utils_Array::value('d', $date); | |
312 | $m = CRM_Utils_Array::value('M', $date); | |
313 | $y = CRM_Utils_Array::value('Y', $date); | |
314 | ||
315 | if (!$d && !$m && !$y) { | |
316 | return TRUE; | |
317 | } | |
318 | ||
319 | // CRM-9017 CiviContribute/CiviMember form with expiration date format 'm Y' | |
8cc574cf | 320 | if (!$m && !empty($date['m'])) { |
6a488035 TO |
321 | $m = CRM_Utils_Array::value('m', $date); |
322 | } | |
323 | ||
324 | $day = $mon = 1; | |
325 | $year = 0; | |
326 | if ($d) { | |
327 | $day = $d; | |
328 | } | |
329 | if ($m) { | |
330 | $mon = $m; | |
331 | } | |
332 | if ($y) { | |
333 | $year = $y; | |
334 | } | |
335 | ||
336 | // if we have day we need mon, and if we have mon we need year | |
337 | if (($d && !$m) || | |
338 | ($d && !$y) || | |
339 | ($m && !$y) | |
340 | ) { | |
341 | return FALSE; | |
342 | } | |
343 | ||
344 | $result = FALSE; | |
345 | if (!empty($day) || !empty($mon) || !empty($year)) { | |
346 | $result = checkdate($mon, $day, $year); | |
347 | } | |
348 | ||
349 | if (!$result) { | |
350 | return FALSE; | |
351 | } | |
352 | ||
353 | // ensure we have month if required | |
354 | if ($monthRequired && !$m) { | |
355 | return FALSE; | |
356 | } | |
357 | ||
358 | // now make sure this date is greater that today | |
359 | $currentDate = getdate(); | |
360 | if ($year > $currentDate['year']) { | |
361 | return TRUE; | |
362 | } | |
363 | elseif ($year < $currentDate['year']) { | |
364 | return FALSE; | |
365 | } | |
366 | ||
367 | if ($m) { | |
368 | if ($mon > $currentDate['mon']) { | |
369 | return TRUE; | |
370 | } | |
371 | elseif ($mon < $currentDate['mon']) { | |
372 | return FALSE; | |
373 | } | |
374 | } | |
375 | ||
376 | if ($d) { | |
377 | if ($day > $currentDate['mday']) { | |
378 | return TRUE; | |
379 | } | |
380 | elseif ($day < $currentDate['mday']) { | |
381 | return FALSE; | |
382 | } | |
383 | } | |
384 | ||
385 | return TRUE; | |
386 | } | |
387 | ||
388 | /** | |
100fef9d | 389 | * Check the validity of a date or datetime (timestamp) |
6a488035 TO |
390 | * value which is in YYYYMMDD or YYYYMMDDHHMMSS format |
391 | * | |
392 | * Uses PHP checkdate() - params are ( int $month, int $day, int $year ) | |
393 | * | |
394 | * @param string $date | |
395 | * | |
a6c01b45 CW |
396 | * @return bool |
397 | * true if valid date | |
6a488035 | 398 | */ |
00be9182 | 399 | public static function mysqlDate($date) { |
6a488035 TO |
400 | // allow date to be null |
401 | if ($date == NULL) { | |
402 | return TRUE; | |
403 | } | |
404 | ||
405 | if (checkdate(substr($date, 4, 2), substr($date, 6, 2), substr($date, 0, 4))) { | |
406 | return TRUE; | |
407 | } | |
408 | ||
409 | return FALSE; | |
410 | } | |
411 | ||
5bc392e6 EM |
412 | /** |
413 | * @param $value | |
414 | * | |
415 | * @return bool | |
416 | */ | |
00be9182 | 417 | public static function integer($value) { |
6a488035 TO |
418 | if (is_int($value)) { |
419 | return TRUE; | |
420 | } | |
421 | ||
f942c321 DL |
422 | // CRM-13460 |
423 | // ensure number passed is always a string numeral | |
424 | if (!is_numeric($value)) { | |
425 | return FALSE; | |
426 | } | |
427 | ||
428 | // note that is_int matches only integer type | |
429 | // and not strings which are only integers | |
430 | // hence we do this here | |
431 | if (preg_match('/^\d+$/', $value)) { | |
432 | return TRUE; | |
433 | } | |
434 | ||
435 | if ($value < 0) { | |
6a488035 TO |
436 | $negValue = -1 * $value; |
437 | if (is_int($negValue)) { | |
438 | return TRUE; | |
439 | } | |
440 | } | |
441 | ||
6a488035 TO |
442 | return FALSE; |
443 | } | |
444 | ||
5bc392e6 EM |
445 | /** |
446 | * @param $value | |
447 | * | |
448 | * @return bool | |
449 | */ | |
00be9182 | 450 | public static function positiveInteger($value) { |
6a488035 TO |
451 | if (is_int($value)) { |
452 | return ($value < 0) ? FALSE : TRUE; | |
453 | } | |
454 | ||
f942c321 DL |
455 | // CRM-13460 |
456 | // ensure number passed is always a string numeral | |
457 | if (!is_numeric($value)) { | |
458 | return FALSE; | |
459 | } | |
460 | ||
461 | if (preg_match('/^\d+$/', $value)) { | |
6a488035 TO |
462 | return TRUE; |
463 | } | |
464 | ||
465 | return FALSE; | |
466 | } | |
467 | ||
fe61faf3 CW |
468 | /** |
469 | * @param $value | |
470 | * | |
471 | * @return bool | |
472 | */ | |
473 | public static function commaSeparatedIntegers($value) { | |
474 | foreach (explode(',', $value) as $val) { | |
62d7cac4 SL |
475 | // Remove any Whitespace around the key. |
476 | $val = trim($val); | |
fe61faf3 CW |
477 | if (!self::positiveInteger($val)) { |
478 | return FALSE; | |
479 | } | |
480 | } | |
481 | return TRUE; | |
482 | } | |
483 | ||
5bc392e6 EM |
484 | /** |
485 | * @param $value | |
486 | * | |
487 | * @return bool | |
488 | */ | |
00be9182 | 489 | public static function numeric($value) { |
f942c321 DL |
490 | // lets use a php gatekeeper to ensure this is numeric |
491 | if (!is_numeric($value)) { | |
492 | return FALSE; | |
493 | } | |
494 | ||
6a488035 TO |
495 | return preg_match('/(^-?\d\d*\.\d*$)|(^-?\d\d*$)|(^-?\.\d\d*$)/', $value) ? TRUE : FALSE; |
496 | } | |
497 | ||
d22982f3 SM |
498 | /** |
499 | * Test whether $value is alphanumeric. | |
500 | * | |
501 | * Underscores and dashes are also allowed! | |
502 | * | |
503 | * This is the type of string you could expect to see in URL parameters | |
504 | * like `?mode=live` vs `?mode=test`. This function exists so that we can be | |
505 | * strict about what we accept for such values, thus mitigating against | |
506 | * potential security issues. | |
507 | * | |
508 | * @see \CRM_Utils_RuleTest::alphanumericData | |
509 | * for examples of vales that give TRUE/FALSE here | |
510 | * | |
511 | * @param $value | |
512 | * | |
513 | * @return bool | |
514 | */ | |
515 | public static function alphanumeric($value) { | |
516 | return preg_match('/^[a-zA-Z0-9_-]*$/', $value) ? TRUE : FALSE; | |
517 | } | |
518 | ||
5bc392e6 EM |
519 | /** |
520 | * @param $value | |
521 | * @param $noOfDigit | |
522 | * | |
523 | * @return bool | |
524 | */ | |
00be9182 | 525 | public static function numberOfDigit($value, $noOfDigit) { |
6a488035 TO |
526 | return preg_match('/^\d{' . $noOfDigit . '}$/', $value) ? TRUE : FALSE; |
527 | } | |
528 | ||
8a52ae34 CW |
529 | /** |
530 | * Strict validation of 6-digit hex color notation per html5 <input type="color"> | |
531 | * | |
532 | * @param $value | |
533 | * @return bool | |
534 | */ | |
535 | public static function color($value) { | |
536 | return (bool) preg_match('/^#([\da-fA-F]{6})$/', $value); | |
537 | } | |
538 | ||
5bc392e6 | 539 | /** |
83644f47 | 540 | * Strip thousand separator from a money string. |
541 | * | |
542 | * Note that this should be done at the form layer. Once we are processing | |
543 | * money at the BAO or processor layer we should be working with something that | |
544 | * is already in a normalised format. | |
545 | * | |
546 | * @param string $value | |
5bc392e6 | 547 | * |
83644f47 | 548 | * @return string |
5bc392e6 | 549 | */ |
00be9182 | 550 | public static function cleanMoney($value) { |
6a488035 | 551 | // first remove all white space |
be2fb01f | 552 | $value = str_replace([' ', "\t", "\n"], '', $value); |
6a488035 TO |
553 | |
554 | $config = CRM_Core_Config::singleton(); | |
555 | ||
e7292422 | 556 | //CRM-14868 |
ef88f444 | 557 | $currencySymbols = CRM_Core_PseudoConstant::get( |
353ffa53 | 558 | 'CRM_Contribute_DAO_Contribution', |
be2fb01f | 559 | 'currency', [ |
353ffa53 TO |
560 | 'keyColumn' => 'name', |
561 | 'labelColumn' => 'symbol', | |
be2fb01f | 562 | ] |
e70a7fc0 | 563 | ); |
e7292422 | 564 | $value = str_replace($currencySymbols, '', $value); |
ef88f444 | 565 | |
6a488035 TO |
566 | if ($config->monetaryThousandSeparator) { |
567 | $mon_thousands_sep = $config->monetaryThousandSeparator; | |
568 | } | |
569 | else { | |
570 | $mon_thousands_sep = ','; | |
571 | } | |
572 | ||
573 | // ugly fix for CRM-6391: do not drop the thousand separator if | |
574 | // it looks like it’s separating decimal part (because a given | |
575 | // value undergoes a second cleanMoney() call, for example) | |
b81f42da | 576 | // CRM-15835 - in case the amount/value contains 0 after decimal |
577 | // eg 150.5 the following if condition will pass | |
578 | if ($mon_thousands_sep != '.' or (substr($value, -3, 1) != '.' && substr($value, -2, 1) != '.')) { | |
6a488035 TO |
579 | $value = str_replace($mon_thousands_sep, '', $value); |
580 | } | |
581 | ||
582 | if ($config->monetaryDecimalPoint) { | |
583 | $mon_decimal_point = $config->monetaryDecimalPoint; | |
584 | } | |
585 | else { | |
586 | $mon_decimal_point = '.'; | |
587 | } | |
588 | $value = str_replace($mon_decimal_point, '.', $value); | |
589 | ||
590 | return $value; | |
591 | } | |
592 | ||
5bc392e6 EM |
593 | /** |
594 | * @param $value | |
595 | * | |
596 | * @return bool | |
597 | */ | |
00be9182 | 598 | public static function money($value) { |
6a488035 TO |
599 | $config = CRM_Core_Config::singleton(); |
600 | ||
50bfb460 SB |
601 | // only edge case when we have a decimal point in the input money |
602 | // field and not defined in the decimal Point in config settings | |
6a488035 TO |
603 | if ($config->monetaryDecimalPoint && |
604 | $config->monetaryDecimalPoint != '.' && | |
50bfb460 | 605 | // CRM-7122 also check for Thousands Separator in config settings |
6a488035 TO |
606 | $config->monetaryThousandSeparator != '.' && |
607 | substr_count($value, '.') | |
608 | ) { | |
609 | return FALSE; | |
610 | } | |
611 | ||
612 | $value = self::cleanMoney($value); | |
613 | ||
614 | if (self::integer($value)) { | |
615 | return TRUE; | |
616 | } | |
617 | ||
ce18e8d1 MW |
618 | // Allow values such as -0, 1.024555, -.1 |
619 | // We need to support multiple decimal places here, not just the number allowed by locale | |
620 | // otherwise tax calculations break when you want the inclusive amount to be a round number (eg. £10 inc. VAT requires 8.333333333 here). | |
621 | return preg_match('/(^-?\d+\.?\d*$)|(^-?\.\d+$)/', $value) ? TRUE : FALSE; | |
6a488035 TO |
622 | } |
623 | ||
5bc392e6 EM |
624 | /** |
625 | * @param $value | |
626 | * @param int $maxLength | |
627 | * | |
628 | * @return bool | |
629 | */ | |
00be9182 | 630 | public static function string($value, $maxLength = 0) { |
6a488035 TO |
631 | if (is_string($value) && |
632 | ($maxLength === 0 || strlen($value) <= $maxLength) | |
633 | ) { | |
634 | return TRUE; | |
635 | } | |
636 | return FALSE; | |
637 | } | |
638 | ||
5bc392e6 EM |
639 | /** |
640 | * @param $value | |
641 | * | |
642 | * @return bool | |
643 | */ | |
00be9182 | 644 | public static function boolean($value) { |
6a488035 TO |
645 | return preg_match( |
646 | '/(^(1|0)$)|(^(Y(es)?|N(o)?)$)|(^(T(rue)?|F(alse)?)$)/i', $value | |
647 | ) ? TRUE : FALSE; | |
648 | } | |
649 | ||
5bc392e6 EM |
650 | /** |
651 | * @param $value | |
652 | * | |
653 | * @return bool | |
654 | */ | |
00be9182 | 655 | public static function email($value) { |
6a488035 TO |
656 | return (bool) filter_var($value, FILTER_VALIDATE_EMAIL); |
657 | } | |
658 | ||
5bc392e6 EM |
659 | /** |
660 | * @param $list | |
661 | * | |
662 | * @return bool | |
663 | */ | |
00be9182 | 664 | public static function emailList($list) { |
6a488035 TO |
665 | $emails = explode(',', $list); |
666 | foreach ($emails as $email) { | |
667 | $email = trim($email); | |
668 | if (!self::email($email)) { | |
669 | return FALSE; | |
670 | } | |
671 | } | |
672 | return TRUE; | |
673 | } | |
674 | ||
5bc392e6 | 675 | /** |
4f1f1f2a CW |
676 | * allow between 4-6 digits as postal code since india needs 6 and US needs 5 (or |
677 | * if u disregard the first 0, 4 (thanx excel!) | |
678 | * FIXME: we need to figure out how to localize such rules | |
5bc392e6 EM |
679 | * @param $value |
680 | * | |
681 | * @return bool | |
682 | */ | |
00be9182 | 683 | public static function postalCode($value) { |
6a488035 TO |
684 | if (preg_match('/^\d{4,6}(-\d{4})?$/', $value)) { |
685 | return TRUE; | |
686 | } | |
687 | return FALSE; | |
688 | } | |
689 | ||
690 | /** | |
100fef9d | 691 | * See how file rules are written in HTML/QuickForm/file.php |
6a488035 TO |
692 | * Checks to make sure the uploaded file is ascii |
693 | * | |
ea3ddccf | 694 | * @param string $elementValue |
695 | * | |
a6c01b45 | 696 | * @return bool |
ea3ddccf | 697 | * True if file has been uploaded, false otherwise |
6a488035 | 698 | */ |
00be9182 | 699 | public static function asciiFile($elementValue) { |
6a488035 TO |
700 | if ((isset($elementValue['error']) && $elementValue['error'] == 0) || |
701 | (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none') | |
702 | ) { | |
703 | return CRM_Utils_File::isAscii($elementValue['tmp_name']); | |
704 | } | |
705 | return FALSE; | |
706 | } | |
707 | ||
708 | /** | |
709 | * Checks to make sure the uploaded file is in UTF-8, recodes if it's not | |
710 | * | |
ea3ddccf | 711 | * @param array $elementValue |
712 | * | |
a6c01b45 | 713 | * @return bool |
ea3ddccf | 714 | * Whether file has been uploaded properly and is now in UTF-8. |
6a488035 | 715 | */ |
00be9182 | 716 | public static function utf8File($elementValue) { |
6a488035 TO |
717 | $success = FALSE; |
718 | ||
719 | if ((isset($elementValue['error']) && $elementValue['error'] == 0) || | |
720 | (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none') | |
721 | ) { | |
722 | ||
723 | $success = CRM_Utils_File::isAscii($elementValue['tmp_name']); | |
724 | ||
725 | // if it's a file, but not UTF-8, let's try and recode it | |
726 | // and then make sure it's an UTF-8 file in the end | |
727 | if (!$success) { | |
728 | $success = CRM_Utils_File::toUtf8($elementValue['tmp_name']); | |
729 | if ($success) { | |
730 | $success = CRM_Utils_File::isAscii($elementValue['tmp_name']); | |
731 | } | |
732 | } | |
733 | } | |
734 | return $success; | |
735 | } | |
736 | ||
737 | /** | |
100fef9d | 738 | * See how file rules are written in HTML/QuickForm/file.php |
6a488035 TO |
739 | * Checks to make sure the uploaded file is html |
740 | * | |
ea3ddccf | 741 | * @param array $elementValue |
742 | * | |
a6c01b45 | 743 | * @return bool |
ea3ddccf | 744 | * True if file has been uploaded, false otherwise |
6a488035 | 745 | */ |
00be9182 | 746 | public static function htmlFile($elementValue) { |
6a488035 TO |
747 | if ((isset($elementValue['error']) && $elementValue['error'] == 0) || |
748 | (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none') | |
749 | ) { | |
750 | return CRM_Utils_File::isHtmlFile($elementValue['tmp_name']); | |
751 | } | |
752 | return FALSE; | |
753 | } | |
754 | ||
755 | /** | |
fe482240 | 756 | * Check if there is a record with the same name in the db. |
6a488035 | 757 | * |
77855840 TO |
758 | * @param string $value |
759 | * The value of the field we are checking. | |
760 | * @param array $options | |
35b63106 | 761 | * The daoName, fieldName (optional) and DomainID (optional). |
6a488035 | 762 | * |
408b79bf | 763 | * @return bool |
a6c01b45 | 764 | * true if object exists |
6a488035 | 765 | */ |
00be9182 | 766 | public static function objectExists($value, $options) { |
6a488035 TO |
767 | $name = 'name'; |
768 | if (isset($options[2])) { | |
769 | $name = $options[2]; | |
770 | } | |
771 | ||
35b63106 | 772 | return CRM_Core_DAO::objectExists($value, CRM_Utils_Array::value(0, $options), CRM_Utils_Array::value(1, $options), CRM_Utils_Array::value(2, $options, $name), CRM_Utils_Array::value(3, $options)); |
6a488035 TO |
773 | } |
774 | ||
5bc392e6 EM |
775 | /** |
776 | * @param $value | |
777 | * @param $options | |
778 | * | |
779 | * @return bool | |
780 | */ | |
00be9182 | 781 | public static function optionExists($value, $options) { |
e6101f17 | 782 | return CRM_Core_OptionValue::optionExists($value, $options[0], $options[1], $options[2], CRM_Utils_Array::value(3, $options, 'name'), CRM_Utils_Array::value(4, $options, FALSE)); |
6a488035 TO |
783 | } |
784 | ||
5bc392e6 EM |
785 | /** |
786 | * @param $value | |
787 | * @param $type | |
788 | * | |
789 | * @return bool | |
790 | */ | |
00be9182 | 791 | public static function creditCardNumber($value, $type) { |
6a488035 TO |
792 | return Validate_Finance_CreditCard::number($value, $type); |
793 | } | |
794 | ||
5bc392e6 EM |
795 | /** |
796 | * @param $value | |
797 | * @param $type | |
798 | * | |
799 | * @return bool | |
800 | */ | |
00be9182 | 801 | public static function cvv($value, $type) { |
6a488035 TO |
802 | return Validate_Finance_CreditCard::cvv($value, $type); |
803 | } | |
804 | ||
5bc392e6 EM |
805 | /** |
806 | * @param $value | |
807 | * | |
808 | * @return bool | |
809 | */ | |
00be9182 | 810 | public static function currencyCode($value) { |
6a488035 TO |
811 | static $currencyCodes = NULL; |
812 | if (!$currencyCodes) { | |
813 | $currencyCodes = CRM_Core_PseudoConstant::currencyCode(); | |
814 | } | |
815 | if (in_array($value, $currencyCodes)) { | |
816 | return TRUE; | |
817 | } | |
818 | return FALSE; | |
819 | } | |
820 | ||
5bc392e6 EM |
821 | /** |
822 | * @param $value | |
823 | * | |
824 | * @return bool | |
825 | */ | |
00be9182 | 826 | public static function xssString($value) { |
6a488035 TO |
827 | if (is_string($value)) { |
828 | return preg_match('!<(vb)?script[^>]*>.*</(vb)?script.*>!ims', | |
829 | $value | |
830 | ) ? FALSE : TRUE; | |
831 | } | |
832 | else { | |
833 | return TRUE; | |
834 | } | |
835 | } | |
836 | ||
88251439 | 837 | /** |
838 | * Validate json string for xss | |
839 | * | |
840 | * @param string $value | |
841 | * | |
842 | * @return bool | |
843 | * False if invalid, true if valid / safe. | |
844 | */ | |
845 | public static function json($value) { | |
846 | if (!self::xssString($value)) { | |
847 | return FALSE; | |
848 | } | |
849 | $array = json_decode($value, TRUE); | |
850 | if (!$array || !is_array($array)) { | |
851 | return FALSE; | |
852 | } | |
853 | return self::arrayValue($array); | |
854 | } | |
855 | ||
5bc392e6 EM |
856 | /** |
857 | * @param $path | |
858 | * | |
859 | * @return bool | |
860 | */ | |
00be9182 | 861 | public static function fileExists($path) { |
6a488035 TO |
862 | return file_exists($path); |
863 | } | |
864 | ||
d9d7e7dd TO |
865 | /** |
866 | * Determine whether the value contains a valid reference to a directory. | |
867 | * | |
868 | * Paths stored in the setting system may be absolute -- or may be | |
869 | * relative to the default data directory. | |
870 | * | |
871 | * @param string $path | |
872 | * @return bool | |
873 | */ | |
874 | public static function settingPath($path) { | |
e3d28c74 | 875 | return is_dir(Civi::paths()->getPath($path)); |
d9d7e7dd TO |
876 | } |
877 | ||
5bc392e6 EM |
878 | /** |
879 | * @param $value | |
880 | * @param null $actualElementValue | |
881 | * | |
882 | * @return bool | |
883 | */ | |
00be9182 | 884 | public static function validContact($value, $actualElementValue = NULL) { |
6a488035 TO |
885 | if ($actualElementValue) { |
886 | $value = $actualElementValue; | |
887 | } | |
888 | ||
258570f7 | 889 | return CRM_Utils_Rule::positiveInteger($value); |
6a488035 TO |
890 | } |
891 | ||
892 | /** | |
100fef9d | 893 | * Check the validity of the date (in qf format) |
6a488035 TO |
894 | * note that only a year is valid, or a mon-year is |
895 | * also valid in addition to day-mon-year | |
896 | * | |
897 | * @param array $date | |
898 | * | |
a6c01b45 CW |
899 | * @return bool |
900 | * true if valid date | |
6a488035 | 901 | */ |
00be9182 | 902 | public static function qfDate($date) { |
6a488035 TO |
903 | $config = CRM_Core_Config::singleton(); |
904 | ||
905 | $d = CRM_Utils_Array::value('d', $date); | |
906 | $m = CRM_Utils_Array::value('M', $date); | |
907 | $y = CRM_Utils_Array::value('Y', $date); | |
908 | if (isset($date['h']) || | |
909 | isset($date['g']) | |
910 | ) { | |
911 | $m = CRM_Utils_Array::value('M', $date); | |
912 | } | |
913 | ||
914 | if (!$d && !$m && !$y) { | |
915 | return TRUE; | |
916 | } | |
917 | ||
918 | $day = $mon = 1; | |
919 | $year = 0; | |
920 | if ($d) { | |
921 | $day = $d; | |
922 | } | |
923 | if ($m) { | |
924 | $mon = $m; | |
925 | } | |
926 | if ($y) { | |
927 | $year = $y; | |
928 | } | |
929 | ||
930 | // if we have day we need mon, and if we have mon we need year | |
931 | if (($d && !$m) || | |
932 | ($d && !$y) || | |
933 | ($m && !$y) | |
934 | ) { | |
935 | return FALSE; | |
936 | } | |
937 | ||
938 | if (!empty($day) || !empty($mon) || !empty($year)) { | |
939 | return checkdate($mon, $day, $year); | |
940 | } | |
941 | return FALSE; | |
942 | } | |
943 | ||
5bc392e6 EM |
944 | /** |
945 | * @param $key | |
946 | * | |
947 | * @return bool | |
948 | */ | |
00be9182 | 949 | public static function qfKey($key) { |
6a488035 TO |
950 | return ($key) ? CRM_Core_Key::valid($key) : FALSE; |
951 | } | |
96025800 | 952 | |
79326ee2 SB |
953 | /** |
954 | * Check if the values in the date range are in correct chronological order. | |
955 | * | |
956 | * @param array $fields | |
957 | * Fields of the form. | |
958 | * @param $fieldName | |
959 | * Name of date range field. | |
960 | * @param $errors | |
961 | * The error array. | |
962 | * @param $title | |
963 | * Title of the date range to be displayed in the error message. | |
964 | */ | |
965 | public static function validDateRange($fields, $fieldName, &$errors, $title) { | |
966 | $lowDate = strtotime($fields[$fieldName . '_low']); | |
967 | $highDate = strtotime($fields[$fieldName . '_high']); | |
968 | ||
969 | if ($lowDate > $highDate) { | |
be2fb01f | 970 | $errors[$fieldName . '_range_error'] = ts('%1: Please check that your date range is in correct chronological order.', [1 => $title]); |
79326ee2 SB |
971 | } |
972 | } | |
973 | ||
5df85a46 SL |
974 | /** |
975 | * @param string $key Extension Key to check | |
976 | * @return bool | |
977 | */ | |
9e1d9d01 | 978 | public static function checkExtensionKeyIsValid($key = NULL) { |
5df85a46 SL |
979 | if (!empty($key) && !preg_match('/^[0-9a-zA-Z._-]+$/', $key)) { |
980 | return FALSE; | |
981 | } | |
982 | return TRUE; | |
983 | } | |
984 | ||
88251439 | 985 | /** |
986 | * Validate array recursively checking keys and values. | |
987 | * | |
988 | * @param array $array | |
989 | * @return bool | |
990 | */ | |
991 | protected static function arrayValue($array) { | |
992 | foreach ($array as $key => $item) { | |
993 | if (is_array($item)) { | |
994 | if (!self::xssString($key) || !self::arrayValue($item)) { | |
995 | return FALSE; | |
996 | } | |
997 | } | |
998 | if (!self::xssString($key) || !self::xssString($item)) { | |
999 | return FALSE; | |
1000 | } | |
1001 | } | |
1002 | return TRUE; | |
1003 | } | |
1004 | ||
6a488035 | 1005 | } |