Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
bc77d7c0 | 4 | | Copyright CiviCRM LLC. All rights reserved. | |
6a488035 | 5 | | | |
bc77d7c0 TO |
6 | | This work is published under the GNU AGPLv3 license with some | |
7 | | permitted exceptions and without any warranty. For full license | | |
8 | | and copyright information, see https://civicrm.org/licensing | | |
6a488035 | 9 | +--------------------------------------------------------------------+ |
d25dd0ee | 10 | */ |
6a488035 TO |
11 | |
12 | /** | |
13 | * | |
14 | * @package CRM | |
ca5cec67 | 15 | * @copyright CiviCRM LLC https://civicrm.org/licensing |
6a488035 TO |
16 | */ |
17 | ||
18 | require_once 'HTML/QuickForm/Rule/Email.php'; | |
f942c321 | 19 | |
5bc392e6 EM |
20 | /** |
21 | * Class CRM_Utils_Rule | |
22 | */ | |
6a488035 TO |
23 | class CRM_Utils_Rule { |
24 | ||
5bc392e6 EM |
25 | /** |
26 | * @param $str | |
27 | * @param int $maxLength | |
28 | * | |
29 | * @return bool | |
30 | */ | |
00be9182 | 31 | public static function title($str, $maxLength = 127) { |
6a488035 TO |
32 | |
33 | // check length etc | |
34 | if (empty($str) || strlen($str) > $maxLength) { | |
35 | return FALSE; | |
36 | } | |
37 | ||
38 | // Make sure it include valid characters, alpha numeric and underscores | |
39 | if (!preg_match('/^\w[\w\s\'\&\,\$\#\-\.\"\?\!]+$/i', $str)) { | |
40 | return FALSE; | |
41 | } | |
42 | ||
43 | return TRUE; | |
44 | } | |
45 | ||
5bc392e6 EM |
46 | /** |
47 | * @param $str | |
48 | * | |
49 | * @return bool | |
50 | */ | |
00be9182 | 51 | public static function longTitle($str) { |
6a488035 TO |
52 | return self::title($str, 255); |
53 | } | |
54 | ||
5bc392e6 EM |
55 | /** |
56 | * @param $str | |
57 | * | |
58 | * @return bool | |
59 | */ | |
00be9182 | 60 | public static function variable($str) { |
6a488035 TO |
61 | // check length etc |
62 | if (empty($str) || strlen($str) > 31) { | |
63 | return FALSE; | |
64 | } | |
65 | ||
50bfb460 | 66 | // make sure it includes valid characters, alpha numeric and underscores |
6a488035 TO |
67 | if (!preg_match('/^[\w]+$/i', $str)) { |
68 | return FALSE; | |
69 | } | |
70 | ||
71 | return TRUE; | |
72 | } | |
73 | ||
00f11506 | 74 | /** |
a33b83c5 | 75 | * Validate that a string is a valid MySQL column name or alias. |
b794b580 | 76 | * |
00f11506 MM |
77 | * @param $str |
78 | * | |
79 | * @return bool | |
80 | */ | |
a33b83c5 | 81 | public static function mysqlColumnNameOrAlias($str) { |
10ed14b0 MM |
82 | // Check not empty. |
83 | if (empty($str)) { | |
00f11506 MM |
84 | return FALSE; |
85 | } | |
86 | ||
7cec4a9a CB |
87 | // Ensure $str conforms to expected format. Not a complete expression of |
88 | // what MySQL permits; this should permit the formats CiviCRM generates. | |
89 | // | |
90 | // * Table name prefix is optional. | |
91 | // * Table & column names & aliases: | |
92 | // * Composed of alphanumeric chars, underscore and hyphens. | |
93 | // * Maximum length of 64 chars. | |
94 | // * Optionally surrounded by backticks, in which case spaces also OK. | |
38c9ed00 | 95 | if (!preg_match('/^((`[-\w ]{1,64}`|[-\w]{1,64})\.)?(`[-\w ]{1,64}`|[-\w]{1,64})$/i', $str)) { |
00f11506 MM |
96 | return FALSE; |
97 | } | |
98 | ||
99 | return TRUE; | |
100 | } | |
101 | ||
102 | /** | |
b794b580 CB |
103 | * Validate that a string is ASC or DESC. |
104 | * | |
105 | * Empty string should be treated as invalid and ignored => default = ASC. | |
00f11506 | 106 | * |
b794b580 | 107 | * @param $str |
00f11506 MM |
108 | * @return bool |
109 | */ | |
b794b580 | 110 | public static function mysqlOrderByDirection($str) { |
00f11506 MM |
111 | if (!preg_match('/^(asc|desc)$/i', $str)) { |
112 | return FALSE; | |
113 | } | |
114 | ||
115 | return TRUE; | |
116 | } | |
117 | ||
0fa4baf0 MM |
118 | /** |
119 | * Validate that a string is valid order by clause. | |
120 | * | |
121 | * @param $str | |
122 | * @return bool | |
123 | */ | |
124 | public static function mysqlOrderBy($str) { | |
be2fb01f | 125 | $matches = []; |
9d5c7f14 | 126 | // Using the field function in order by is valid. |
127 | // Look for a string like field(contribution_status_id,3,4,6). | |
128 | // or field(civicrm_contribution.contribution_status_id,3,4,6) | |
129 | if (preg_match('/field\([a-z_.]+,[0-9,]+\)/', $str, $matches)) { | |
130 | // We have checked these. Remove them as they will fail the next lot. | |
131 | // Our check currently only permits numbers & no back ticks. If we get a | |
132 | // need for strings or backticks we can add. | |
133 | $str = str_replace($matches, '', $str); | |
134 | } | |
135 | $str = trim($str); | |
136 | if (!empty($matches) && empty($str)) { | |
137 | // nothing left to check after the field check. | |
138 | return TRUE; | |
139 | } | |
0fa4baf0 MM |
140 | // Making a regex for a comma separated list is quite hard and not readable |
141 | // at all, so we split and loop over. | |
142 | $parts = explode(',', $str); | |
143 | foreach ($parts as $part) { | |
a99e69c2 | 144 | if (!preg_match('/^((`[\w-]{1,64}`|[\w-]{1,64})\.)*(`[\w-]{1,64}`|[\w-]{1,64})( (asc|desc))?$/i', trim($part))) { |
0fa4baf0 MM |
145 | return FALSE; |
146 | } | |
147 | } | |
148 | ||
149 | return TRUE; | |
150 | } | |
151 | ||
5bc392e6 EM |
152 | /** |
153 | * @param $str | |
154 | * | |
155 | * @return bool | |
156 | */ | |
00be9182 | 157 | public static function qfVariable($str) { |
6a488035 TO |
158 | // check length etc |
159 | //if ( empty( $str ) || strlen( $str ) > 31 ) { | |
160 | if (strlen(trim($str)) == 0 || strlen($str) > 31) { | |
161 | return FALSE; | |
162 | } | |
163 | ||
50bfb460 | 164 | // make sure it includes valid characters, alpha numeric and underscores |
6a488035 TO |
165 | // added (. and ,) option (CRM-1336) |
166 | if (!preg_match('/^[\w\s\.\,]+$/i', $str)) { | |
167 | return FALSE; | |
168 | } | |
169 | ||
170 | return TRUE; | |
171 | } | |
172 | ||
5bc392e6 EM |
173 | /** |
174 | * @param $phone | |
175 | * | |
176 | * @return bool | |
177 | */ | |
00be9182 | 178 | public static function phone($phone) { |
6a488035 TO |
179 | // check length etc |
180 | if (empty($phone) || strlen($phone) > 16) { | |
181 | return FALSE; | |
182 | } | |
183 | ||
50bfb460 | 184 | // make sure it includes valid characters, (, \s and numeric |
6a488035 TO |
185 | if (preg_match('/^[\d\(\)\-\.\s]+$/', $phone)) { |
186 | return TRUE; | |
187 | } | |
188 | return FALSE; | |
189 | } | |
190 | ||
5bc392e6 EM |
191 | /** |
192 | * @param $query | |
193 | * | |
194 | * @return bool | |
195 | */ | |
00be9182 | 196 | public static function query($query) { |
6a488035 TO |
197 | // check length etc |
198 | if (empty($query) || strlen($query) < 3 || strlen($query) > 127) { | |
199 | return FALSE; | |
200 | } | |
201 | ||
50bfb460 | 202 | // make sure it includes valid characters, alpha numeric and underscores |
6a488035 TO |
203 | if (!preg_match('/^[\w\s\%\'\&\,\$\#]+$/i', $query)) { |
204 | return FALSE; | |
205 | } | |
206 | ||
207 | return TRUE; | |
208 | } | |
209 | ||
5bc392e6 EM |
210 | /** |
211 | * @param $url | |
212 | * | |
213 | * @return bool | |
214 | */ | |
00be9182 | 215 | public static function url($url) { |
c7cd4e2c | 216 | if (!$url) { |
217 | // If this is required then that should be checked elsewhere - here we are not assuming it is required. | |
218 | return TRUE; | |
219 | } | |
1136a401 | 220 | if (preg_match('/^\//', $url)) { |
221 | // allow relative URL's (CRM-15598) | |
222 | $url = 'http://' . $_SERVER['HTTP_HOST'] . $url; | |
223 | } | |
6a488035 TO |
224 | return (bool) filter_var($url, FILTER_VALIDATE_URL); |
225 | } | |
226 | ||
d9d7e7dd TO |
227 | /** |
228 | * @param $url | |
229 | * | |
230 | * @return bool | |
231 | */ | |
232 | public static function urlish($url) { | |
233 | if (empty($url)) { | |
234 | return TRUE; | |
235 | } | |
e3d28c74 | 236 | $url = Civi::paths()->getUrl($url, 'absolute'); |
d9d7e7dd TO |
237 | return (bool) filter_var($url, FILTER_VALIDATE_URL); |
238 | } | |
239 | ||
5bc392e6 EM |
240 | /** |
241 | * @param $string | |
242 | * | |
243 | * @return bool | |
244 | */ | |
00be9182 | 245 | public static function wikiURL($string) { |
6a488035 TO |
246 | $items = explode(' ', trim($string), 2); |
247 | return self::url($items[0]); | |
248 | } | |
249 | ||
5bc392e6 EM |
250 | /** |
251 | * @param $domain | |
252 | * | |
253 | * @return bool | |
254 | */ | |
00be9182 | 255 | public static function domain($domain) { |
6a488035 TO |
256 | // not perfect, but better than the previous one; see CRM-1502 |
257 | if (!preg_match('/^[A-Za-z0-9]([A-Za-z0-9\.\-]*[A-Za-z0-9])?$/', $domain)) { | |
258 | return FALSE; | |
259 | } | |
260 | return TRUE; | |
261 | } | |
262 | ||
5bc392e6 EM |
263 | /** |
264 | * @param $value | |
265 | * @param null $default | |
266 | * | |
267 | * @return null | |
268 | */ | |
00be9182 | 269 | public static function date($value, $default = NULL) { |
6a488035 TO |
270 | if (is_string($value) && |
271 | preg_match('/^\d\d\d\d-?\d\d-?\d\d$/', $value) | |
272 | ) { | |
273 | return $value; | |
274 | } | |
275 | return $default; | |
276 | } | |
277 | ||
5bc392e6 EM |
278 | /** |
279 | * @param $value | |
280 | * @param null $default | |
281 | * | |
282 | * @return null|string | |
283 | */ | |
00be9182 | 284 | public static function dateTime($value, $default = NULL) { |
6a488035 TO |
285 | $result = $default; |
286 | if (is_string($value) && | |
287 | preg_match('/^\d\d\d\d-?\d\d-?\d\d(\s\d\d:\d\d(:\d\d)?|\d\d\d\d(\d\d)?)?$/', $value) | |
288 | ) { | |
289 | $result = $value; | |
290 | } | |
291 | ||
292 | return $result; | |
293 | } | |
294 | ||
295 | /** | |
100fef9d | 296 | * Check the validity of the date (in qf format) |
6a488035 TO |
297 | * note that only a year is valid, or a mon-year is |
298 | * also valid in addition to day-mon-year. The date | |
299 | * specified has to be beyond today. (i.e today or later) | |
300 | * | |
301 | * @param array $date | |
77855840 TO |
302 | * @param bool $monthRequired |
303 | * Check whether month is mandatory. | |
6a488035 | 304 | * |
a6c01b45 CW |
305 | * @return bool |
306 | * true if valid date | |
6a488035 | 307 | */ |
00be9182 | 308 | public static function currentDate($date, $monthRequired = TRUE) { |
6a488035 TO |
309 | $config = CRM_Core_Config::singleton(); |
310 | ||
9c1bc317 CW |
311 | $d = $date['d'] ?? NULL; |
312 | $m = $date['M'] ?? NULL; | |
313 | $y = $date['Y'] ?? NULL; | |
6a488035 TO |
314 | |
315 | if (!$d && !$m && !$y) { | |
316 | return TRUE; | |
317 | } | |
318 | ||
319 | // CRM-9017 CiviContribute/CiviMember form with expiration date format 'm Y' | |
8cc574cf | 320 | if (!$m && !empty($date['m'])) { |
9c1bc317 | 321 | $m = $date['m'] ?? NULL; |
6a488035 TO |
322 | } |
323 | ||
324 | $day = $mon = 1; | |
325 | $year = 0; | |
326 | if ($d) { | |
327 | $day = $d; | |
328 | } | |
329 | if ($m) { | |
330 | $mon = $m; | |
331 | } | |
332 | if ($y) { | |
333 | $year = $y; | |
334 | } | |
335 | ||
336 | // if we have day we need mon, and if we have mon we need year | |
337 | if (($d && !$m) || | |
338 | ($d && !$y) || | |
339 | ($m && !$y) | |
340 | ) { | |
341 | return FALSE; | |
342 | } | |
343 | ||
344 | $result = FALSE; | |
345 | if (!empty($day) || !empty($mon) || !empty($year)) { | |
346 | $result = checkdate($mon, $day, $year); | |
347 | } | |
348 | ||
349 | if (!$result) { | |
350 | return FALSE; | |
351 | } | |
352 | ||
353 | // ensure we have month if required | |
354 | if ($monthRequired && !$m) { | |
355 | return FALSE; | |
356 | } | |
357 | ||
358 | // now make sure this date is greater that today | |
359 | $currentDate = getdate(); | |
360 | if ($year > $currentDate['year']) { | |
361 | return TRUE; | |
362 | } | |
363 | elseif ($year < $currentDate['year']) { | |
364 | return FALSE; | |
365 | } | |
366 | ||
367 | if ($m) { | |
368 | if ($mon > $currentDate['mon']) { | |
369 | return TRUE; | |
370 | } | |
371 | elseif ($mon < $currentDate['mon']) { | |
372 | return FALSE; | |
373 | } | |
374 | } | |
375 | ||
376 | if ($d) { | |
377 | if ($day > $currentDate['mday']) { | |
378 | return TRUE; | |
379 | } | |
380 | elseif ($day < $currentDate['mday']) { | |
381 | return FALSE; | |
382 | } | |
383 | } | |
384 | ||
385 | return TRUE; | |
386 | } | |
387 | ||
388 | /** | |
100fef9d | 389 | * Check the validity of a date or datetime (timestamp) |
6a488035 TO |
390 | * value which is in YYYYMMDD or YYYYMMDDHHMMSS format |
391 | * | |
392 | * Uses PHP checkdate() - params are ( int $month, int $day, int $year ) | |
393 | * | |
394 | * @param string $date | |
395 | * | |
a6c01b45 CW |
396 | * @return bool |
397 | * true if valid date | |
6a488035 | 398 | */ |
00be9182 | 399 | public static function mysqlDate($date) { |
6a488035 TO |
400 | // allow date to be null |
401 | if ($date == NULL) { | |
402 | return TRUE; | |
403 | } | |
404 | ||
405 | if (checkdate(substr($date, 4, 2), substr($date, 6, 2), substr($date, 0, 4))) { | |
406 | return TRUE; | |
407 | } | |
408 | ||
409 | return FALSE; | |
410 | } | |
411 | ||
5bc392e6 EM |
412 | /** |
413 | * @param $value | |
414 | * | |
415 | * @return bool | |
416 | */ | |
00be9182 | 417 | public static function integer($value) { |
6a488035 TO |
418 | if (is_int($value)) { |
419 | return TRUE; | |
420 | } | |
421 | ||
f942c321 DL |
422 | // CRM-13460 |
423 | // ensure number passed is always a string numeral | |
424 | if (!is_numeric($value)) { | |
425 | return FALSE; | |
426 | } | |
427 | ||
428 | // note that is_int matches only integer type | |
429 | // and not strings which are only integers | |
430 | // hence we do this here | |
431 | if (preg_match('/^\d+$/', $value)) { | |
432 | return TRUE; | |
433 | } | |
434 | ||
435 | if ($value < 0) { | |
6a488035 TO |
436 | $negValue = -1 * $value; |
437 | if (is_int($negValue)) { | |
438 | return TRUE; | |
439 | } | |
440 | } | |
441 | ||
6a488035 TO |
442 | return FALSE; |
443 | } | |
444 | ||
5bc392e6 EM |
445 | /** |
446 | * @param $value | |
447 | * | |
448 | * @return bool | |
449 | */ | |
00be9182 | 450 | public static function positiveInteger($value) { |
6a488035 | 451 | if (is_int($value)) { |
91768280 | 452 | return !($value < 0); |
6a488035 TO |
453 | } |
454 | ||
f942c321 DL |
455 | // CRM-13460 |
456 | // ensure number passed is always a string numeral | |
457 | if (!is_numeric($value)) { | |
458 | return FALSE; | |
459 | } | |
460 | ||
91768280 | 461 | return (bool) preg_match('/^\d+$/', $value); |
6a488035 TO |
462 | } |
463 | ||
fe61faf3 CW |
464 | /** |
465 | * @param $value | |
466 | * | |
467 | * @return bool | |
468 | */ | |
469 | public static function commaSeparatedIntegers($value) { | |
470 | foreach (explode(',', $value) as $val) { | |
62d7cac4 SL |
471 | // Remove any Whitespace around the key. |
472 | $val = trim($val); | |
fe61faf3 CW |
473 | if (!self::positiveInteger($val)) { |
474 | return FALSE; | |
475 | } | |
476 | } | |
477 | return TRUE; | |
478 | } | |
479 | ||
5bc392e6 EM |
480 | /** |
481 | * @param $value | |
482 | * | |
483 | * @return bool | |
484 | */ | |
00be9182 | 485 | public static function numeric($value) { |
f942c321 DL |
486 | // lets use a php gatekeeper to ensure this is numeric |
487 | if (!is_numeric($value)) { | |
488 | return FALSE; | |
489 | } | |
490 | ||
fe0dbeda | 491 | return (bool) preg_match('/(^-?\d\d*\.\d*$)|(^-?\d\d*$)|(^-?\.\d\d*$)/', $value); |
6a488035 TO |
492 | } |
493 | ||
d22982f3 SM |
494 | /** |
495 | * Test whether $value is alphanumeric. | |
496 | * | |
497 | * Underscores and dashes are also allowed! | |
498 | * | |
499 | * This is the type of string you could expect to see in URL parameters | |
500 | * like `?mode=live` vs `?mode=test`. This function exists so that we can be | |
501 | * strict about what we accept for such values, thus mitigating against | |
502 | * potential security issues. | |
503 | * | |
504 | * @see \CRM_Utils_RuleTest::alphanumericData | |
505 | * for examples of vales that give TRUE/FALSE here | |
506 | * | |
507 | * @param $value | |
508 | * | |
509 | * @return bool | |
510 | */ | |
511 | public static function alphanumeric($value) { | |
fe0dbeda | 512 | return (bool) preg_match('/^[a-zA-Z0-9_-]*$/', $value); |
d22982f3 SM |
513 | } |
514 | ||
5bc392e6 EM |
515 | /** |
516 | * @param $value | |
517 | * @param $noOfDigit | |
518 | * | |
519 | * @return bool | |
520 | */ | |
00be9182 | 521 | public static function numberOfDigit($value, $noOfDigit) { |
fe0dbeda | 522 | return (bool) preg_match('/^\d{' . $noOfDigit . '}$/', $value); |
6a488035 TO |
523 | } |
524 | ||
8a52ae34 CW |
525 | /** |
526 | * Strict validation of 6-digit hex color notation per html5 <input type="color"> | |
527 | * | |
528 | * @param $value | |
529 | * @return bool | |
530 | */ | |
531 | public static function color($value) { | |
532 | return (bool) preg_match('/^#([\da-fA-F]{6})$/', $value); | |
533 | } | |
534 | ||
5bc392e6 | 535 | /** |
83644f47 | 536 | * Strip thousand separator from a money string. |
537 | * | |
538 | * Note that this should be done at the form layer. Once we are processing | |
539 | * money at the BAO or processor layer we should be working with something that | |
540 | * is already in a normalised format. | |
541 | * | |
542 | * @param string $value | |
5bc392e6 | 543 | * |
83644f47 | 544 | * @return string |
5bc392e6 | 545 | */ |
00be9182 | 546 | public static function cleanMoney($value) { |
6a488035 | 547 | // first remove all white space |
be2fb01f | 548 | $value = str_replace([' ', "\t", "\n"], '', $value); |
6a488035 TO |
549 | |
550 | $config = CRM_Core_Config::singleton(); | |
551 | ||
e7292422 | 552 | //CRM-14868 |
ef88f444 | 553 | $currencySymbols = CRM_Core_PseudoConstant::get( |
353ffa53 | 554 | 'CRM_Contribute_DAO_Contribution', |
be2fb01f | 555 | 'currency', [ |
353ffa53 TO |
556 | 'keyColumn' => 'name', |
557 | 'labelColumn' => 'symbol', | |
be2fb01f | 558 | ] |
e70a7fc0 | 559 | ); |
e7292422 | 560 | $value = str_replace($currencySymbols, '', $value); |
ef88f444 | 561 | |
6a488035 TO |
562 | if ($config->monetaryThousandSeparator) { |
563 | $mon_thousands_sep = $config->monetaryThousandSeparator; | |
564 | } | |
565 | else { | |
566 | $mon_thousands_sep = ','; | |
567 | } | |
568 | ||
569 | // ugly fix for CRM-6391: do not drop the thousand separator if | |
570 | // it looks like it’s separating decimal part (because a given | |
571 | // value undergoes a second cleanMoney() call, for example) | |
b81f42da | 572 | // CRM-15835 - in case the amount/value contains 0 after decimal |
573 | // eg 150.5 the following if condition will pass | |
574 | if ($mon_thousands_sep != '.' or (substr($value, -3, 1) != '.' && substr($value, -2, 1) != '.')) { | |
6a488035 TO |
575 | $value = str_replace($mon_thousands_sep, '', $value); |
576 | } | |
577 | ||
578 | if ($config->monetaryDecimalPoint) { | |
579 | $mon_decimal_point = $config->monetaryDecimalPoint; | |
580 | } | |
581 | else { | |
582 | $mon_decimal_point = '.'; | |
583 | } | |
584 | $value = str_replace($mon_decimal_point, '.', $value); | |
585 | ||
586 | return $value; | |
587 | } | |
588 | ||
5bc392e6 EM |
589 | /** |
590 | * @param $value | |
591 | * | |
592 | * @return bool | |
593 | */ | |
00be9182 | 594 | public static function money($value) { |
6a488035 TO |
595 | $value = self::cleanMoney($value); |
596 | ||
597 | if (self::integer($value)) { | |
598 | return TRUE; | |
599 | } | |
600 | ||
ce18e8d1 MW |
601 | // Allow values such as -0, 1.024555, -.1 |
602 | // We need to support multiple decimal places here, not just the number allowed by locale | |
603 | // otherwise tax calculations break when you want the inclusive amount to be a round number (eg. £10 inc. VAT requires 8.333333333 here). | |
fe0dbeda | 604 | return (bool) preg_match('/(^-?\d+\.?\d*$)|(^-?\.\d+$)/', $value); |
6a488035 TO |
605 | } |
606 | ||
5bc392e6 EM |
607 | /** |
608 | * @param $value | |
609 | * @param int $maxLength | |
610 | * | |
611 | * @return bool | |
612 | */ | |
00be9182 | 613 | public static function string($value, $maxLength = 0) { |
6a488035 TO |
614 | if (is_string($value) && |
615 | ($maxLength === 0 || strlen($value) <= $maxLength) | |
616 | ) { | |
617 | return TRUE; | |
618 | } | |
619 | return FALSE; | |
620 | } | |
621 | ||
5bc392e6 EM |
622 | /** |
623 | * @param $value | |
624 | * | |
625 | * @return bool | |
626 | */ | |
00be9182 | 627 | public static function boolean($value) { |
6a488035 TO |
628 | return preg_match( |
629 | '/(^(1|0)$)|(^(Y(es)?|N(o)?)$)|(^(T(rue)?|F(alse)?)$)/i', $value | |
630 | ) ? TRUE : FALSE; | |
631 | } | |
632 | ||
5bc392e6 EM |
633 | /** |
634 | * @param $value | |
635 | * | |
636 | * @return bool | |
637 | */ | |
00be9182 | 638 | public static function email($value) { |
6a488035 TO |
639 | return (bool) filter_var($value, FILTER_VALIDATE_EMAIL); |
640 | } | |
641 | ||
5bc392e6 EM |
642 | /** |
643 | * @param $list | |
644 | * | |
645 | * @return bool | |
646 | */ | |
00be9182 | 647 | public static function emailList($list) { |
6a488035 TO |
648 | $emails = explode(',', $list); |
649 | foreach ($emails as $email) { | |
650 | $email = trim($email); | |
651 | if (!self::email($email)) { | |
652 | return FALSE; | |
653 | } | |
654 | } | |
655 | return TRUE; | |
656 | } | |
657 | ||
5bc392e6 | 658 | /** |
4f1f1f2a CW |
659 | * allow between 4-6 digits as postal code since india needs 6 and US needs 5 (or |
660 | * if u disregard the first 0, 4 (thanx excel!) | |
661 | * FIXME: we need to figure out how to localize such rules | |
5bc392e6 EM |
662 | * @param $value |
663 | * | |
664 | * @return bool | |
665 | */ | |
00be9182 | 666 | public static function postalCode($value) { |
6a488035 TO |
667 | if (preg_match('/^\d{4,6}(-\d{4})?$/', $value)) { |
668 | return TRUE; | |
669 | } | |
670 | return FALSE; | |
671 | } | |
672 | ||
673 | /** | |
100fef9d | 674 | * See how file rules are written in HTML/QuickForm/file.php |
6a488035 TO |
675 | * Checks to make sure the uploaded file is ascii |
676 | * | |
ea3ddccf | 677 | * @param string $elementValue |
678 | * | |
a6c01b45 | 679 | * @return bool |
ea3ddccf | 680 | * True if file has been uploaded, false otherwise |
6a488035 | 681 | */ |
00be9182 | 682 | public static function asciiFile($elementValue) { |
6a488035 TO |
683 | if ((isset($elementValue['error']) && $elementValue['error'] == 0) || |
684 | (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none') | |
685 | ) { | |
686 | return CRM_Utils_File::isAscii($elementValue['tmp_name']); | |
687 | } | |
688 | return FALSE; | |
689 | } | |
690 | ||
691 | /** | |
692 | * Checks to make sure the uploaded file is in UTF-8, recodes if it's not | |
693 | * | |
ea3ddccf | 694 | * @param array $elementValue |
695 | * | |
a6c01b45 | 696 | * @return bool |
ea3ddccf | 697 | * Whether file has been uploaded properly and is now in UTF-8. |
6a488035 | 698 | */ |
00be9182 | 699 | public static function utf8File($elementValue) { |
6a488035 TO |
700 | $success = FALSE; |
701 | ||
702 | if ((isset($elementValue['error']) && $elementValue['error'] == 0) || | |
703 | (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none') | |
704 | ) { | |
705 | ||
706 | $success = CRM_Utils_File::isAscii($elementValue['tmp_name']); | |
707 | ||
708 | // if it's a file, but not UTF-8, let's try and recode it | |
709 | // and then make sure it's an UTF-8 file in the end | |
710 | if (!$success) { | |
711 | $success = CRM_Utils_File::toUtf8($elementValue['tmp_name']); | |
712 | if ($success) { | |
713 | $success = CRM_Utils_File::isAscii($elementValue['tmp_name']); | |
714 | } | |
715 | } | |
716 | } | |
717 | return $success; | |
718 | } | |
719 | ||
720 | /** | |
100fef9d | 721 | * See how file rules are written in HTML/QuickForm/file.php |
6a488035 TO |
722 | * Checks to make sure the uploaded file is html |
723 | * | |
ea3ddccf | 724 | * @param array $elementValue |
725 | * | |
a6c01b45 | 726 | * @return bool |
ea3ddccf | 727 | * True if file has been uploaded, false otherwise |
6a488035 | 728 | */ |
00be9182 | 729 | public static function htmlFile($elementValue) { |
6a488035 TO |
730 | if ((isset($elementValue['error']) && $elementValue['error'] == 0) || |
731 | (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none') | |
732 | ) { | |
733 | return CRM_Utils_File::isHtmlFile($elementValue['tmp_name']); | |
734 | } | |
735 | return FALSE; | |
736 | } | |
737 | ||
738 | /** | |
fe482240 | 739 | * Check if there is a record with the same name in the db. |
6a488035 | 740 | * |
77855840 TO |
741 | * @param string $value |
742 | * The value of the field we are checking. | |
743 | * @param array $options | |
35b63106 | 744 | * The daoName, fieldName (optional) and DomainID (optional). |
6a488035 | 745 | * |
408b79bf | 746 | * @return bool |
a6c01b45 | 747 | * true if object exists |
6a488035 | 748 | */ |
00be9182 | 749 | public static function objectExists($value, $options) { |
6a488035 TO |
750 | $name = 'name'; |
751 | if (isset($options[2])) { | |
752 | $name = $options[2]; | |
753 | } | |
754 | ||
35b63106 | 755 | return CRM_Core_DAO::objectExists($value, CRM_Utils_Array::value(0, $options), CRM_Utils_Array::value(1, $options), CRM_Utils_Array::value(2, $options, $name), CRM_Utils_Array::value(3, $options)); |
6a488035 TO |
756 | } |
757 | ||
5bc392e6 EM |
758 | /** |
759 | * @param $value | |
760 | * @param $options | |
761 | * | |
762 | * @return bool | |
763 | */ | |
00be9182 | 764 | public static function optionExists($value, $options) { |
e6101f17 | 765 | return CRM_Core_OptionValue::optionExists($value, $options[0], $options[1], $options[2], CRM_Utils_Array::value(3, $options, 'name'), CRM_Utils_Array::value(4, $options, FALSE)); |
6a488035 TO |
766 | } |
767 | ||
5bc392e6 EM |
768 | /** |
769 | * @param $value | |
770 | * @param $type | |
771 | * | |
772 | * @return bool | |
773 | */ | |
00be9182 | 774 | public static function creditCardNumber($value, $type) { |
6a488035 TO |
775 | return Validate_Finance_CreditCard::number($value, $type); |
776 | } | |
777 | ||
5bc392e6 EM |
778 | /** |
779 | * @param $value | |
780 | * @param $type | |
781 | * | |
782 | * @return bool | |
783 | */ | |
00be9182 | 784 | public static function cvv($value, $type) { |
6a488035 TO |
785 | return Validate_Finance_CreditCard::cvv($value, $type); |
786 | } | |
787 | ||
5bc392e6 EM |
788 | /** |
789 | * @param $value | |
790 | * | |
791 | * @return bool | |
792 | */ | |
00be9182 | 793 | public static function currencyCode($value) { |
6a488035 TO |
794 | static $currencyCodes = NULL; |
795 | if (!$currencyCodes) { | |
796 | $currencyCodes = CRM_Core_PseudoConstant::currencyCode(); | |
797 | } | |
798 | if (in_array($value, $currencyCodes)) { | |
799 | return TRUE; | |
800 | } | |
801 | return FALSE; | |
802 | } | |
803 | ||
5bc392e6 EM |
804 | /** |
805 | * @param $value | |
806 | * | |
807 | * @return bool | |
808 | */ | |
00be9182 | 809 | public static function xssString($value) { |
6a488035 TO |
810 | if (is_string($value)) { |
811 | return preg_match('!<(vb)?script[^>]*>.*</(vb)?script.*>!ims', | |
812 | $value | |
813 | ) ? FALSE : TRUE; | |
814 | } | |
815 | else { | |
816 | return TRUE; | |
817 | } | |
818 | } | |
819 | ||
88251439 | 820 | /** |
821 | * Validate json string for xss | |
822 | * | |
823 | * @param string $value | |
824 | * | |
825 | * @return bool | |
826 | * False if invalid, true if valid / safe. | |
827 | */ | |
828 | public static function json($value) { | |
829 | if (!self::xssString($value)) { | |
830 | return FALSE; | |
831 | } | |
832 | $array = json_decode($value, TRUE); | |
833 | if (!$array || !is_array($array)) { | |
834 | return FALSE; | |
835 | } | |
836 | return self::arrayValue($array); | |
837 | } | |
838 | ||
5bc392e6 EM |
839 | /** |
840 | * @param $path | |
841 | * | |
842 | * @return bool | |
843 | */ | |
00be9182 | 844 | public static function fileExists($path) { |
6a488035 TO |
845 | return file_exists($path); |
846 | } | |
847 | ||
d9d7e7dd TO |
848 | /** |
849 | * Determine whether the value contains a valid reference to a directory. | |
850 | * | |
851 | * Paths stored in the setting system may be absolute -- or may be | |
852 | * relative to the default data directory. | |
853 | * | |
854 | * @param string $path | |
855 | * @return bool | |
856 | */ | |
857 | public static function settingPath($path) { | |
e3d28c74 | 858 | return is_dir(Civi::paths()->getPath($path)); |
d9d7e7dd TO |
859 | } |
860 | ||
5bc392e6 EM |
861 | /** |
862 | * @param $value | |
863 | * @param null $actualElementValue | |
864 | * | |
865 | * @return bool | |
866 | */ | |
00be9182 | 867 | public static function validContact($value, $actualElementValue = NULL) { |
6a488035 TO |
868 | if ($actualElementValue) { |
869 | $value = $actualElementValue; | |
870 | } | |
871 | ||
258570f7 | 872 | return CRM_Utils_Rule::positiveInteger($value); |
6a488035 TO |
873 | } |
874 | ||
875 | /** | |
100fef9d | 876 | * Check the validity of the date (in qf format) |
6a488035 TO |
877 | * note that only a year is valid, or a mon-year is |
878 | * also valid in addition to day-mon-year | |
879 | * | |
880 | * @param array $date | |
881 | * | |
a6c01b45 CW |
882 | * @return bool |
883 | * true if valid date | |
6a488035 | 884 | */ |
00be9182 | 885 | public static function qfDate($date) { |
6a488035 TO |
886 | $config = CRM_Core_Config::singleton(); |
887 | ||
9c1bc317 CW |
888 | $d = $date['d'] ?? NULL; |
889 | $m = $date['M'] ?? NULL; | |
890 | $y = $date['Y'] ?? NULL; | |
6a488035 TO |
891 | if (isset($date['h']) || |
892 | isset($date['g']) | |
893 | ) { | |
9c1bc317 | 894 | $m = $date['M'] ?? NULL; |
6a488035 TO |
895 | } |
896 | ||
897 | if (!$d && !$m && !$y) { | |
898 | return TRUE; | |
899 | } | |
900 | ||
901 | $day = $mon = 1; | |
902 | $year = 0; | |
903 | if ($d) { | |
904 | $day = $d; | |
905 | } | |
906 | if ($m) { | |
907 | $mon = $m; | |
908 | } | |
909 | if ($y) { | |
910 | $year = $y; | |
911 | } | |
912 | ||
913 | // if we have day we need mon, and if we have mon we need year | |
914 | if (($d && !$m) || | |
915 | ($d && !$y) || | |
916 | ($m && !$y) | |
917 | ) { | |
918 | return FALSE; | |
919 | } | |
920 | ||
921 | if (!empty($day) || !empty($mon) || !empty($year)) { | |
922 | return checkdate($mon, $day, $year); | |
923 | } | |
924 | return FALSE; | |
925 | } | |
926 | ||
5bc392e6 EM |
927 | /** |
928 | * @param $key | |
929 | * | |
930 | * @return bool | |
931 | */ | |
00be9182 | 932 | public static function qfKey($key) { |
6a488035 TO |
933 | return ($key) ? CRM_Core_Key::valid($key) : FALSE; |
934 | } | |
96025800 | 935 | |
79326ee2 SB |
936 | /** |
937 | * Check if the values in the date range are in correct chronological order. | |
938 | * | |
939 | * @param array $fields | |
940 | * Fields of the form. | |
941 | * @param $fieldName | |
942 | * Name of date range field. | |
943 | * @param $errors | |
944 | * The error array. | |
945 | * @param $title | |
946 | * Title of the date range to be displayed in the error message. | |
947 | */ | |
948 | public static function validDateRange($fields, $fieldName, &$errors, $title) { | |
949 | $lowDate = strtotime($fields[$fieldName . '_low']); | |
950 | $highDate = strtotime($fields[$fieldName . '_high']); | |
951 | ||
952 | if ($lowDate > $highDate) { | |
be2fb01f | 953 | $errors[$fieldName . '_range_error'] = ts('%1: Please check that your date range is in correct chronological order.', [1 => $title]); |
79326ee2 SB |
954 | } |
955 | } | |
956 | ||
5df85a46 SL |
957 | /** |
958 | * @param string $key Extension Key to check | |
959 | * @return bool | |
960 | */ | |
9e1d9d01 | 961 | public static function checkExtensionKeyIsValid($key = NULL) { |
5df85a46 SL |
962 | if (!empty($key) && !preg_match('/^[0-9a-zA-Z._-]+$/', $key)) { |
963 | return FALSE; | |
964 | } | |
965 | return TRUE; | |
966 | } | |
967 | ||
88251439 | 968 | /** |
969 | * Validate array recursively checking keys and values. | |
970 | * | |
971 | * @param array $array | |
972 | * @return bool | |
973 | */ | |
974 | protected static function arrayValue($array) { | |
975 | foreach ($array as $key => $item) { | |
976 | if (is_array($item)) { | |
977 | if (!self::xssString($key) || !self::arrayValue($item)) { | |
978 | return FALSE; | |
979 | } | |
980 | } | |
981 | if (!self::xssString($key) || !self::xssString($item)) { | |
982 | return FALSE; | |
983 | } | |
984 | } | |
985 | return TRUE; | |
986 | } | |
987 | ||
6a488035 | 988 | } |