3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.7 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2017 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
31 * @copyright CiviCRM LLC (c) 2004-2017
34 require_once 'HTML/QuickForm/Rule/Email.php';
37 * Class CRM_Utils_Rule
39 class CRM_Utils_Rule
{
43 * @param int $maxLength
47 public static function title($str, $maxLength = 127) {
50 if (empty($str) ||
strlen($str) > $maxLength) {
54 // Make sure it include valid characters, alpha numeric and underscores
55 if (!preg_match('/^\w[\w\s\'\&\,\$\#\-\.\"\?\!]+$/i', $str)) {
67 public static function longTitle($str) {
68 return self
::title($str, 255);
76 public static function variable($str) {
78 if (empty($str) ||
strlen($str) > 31) {
82 // make sure it includes valid characters, alpha numeric and underscores
83 if (!preg_match('/^[\w]+$/i', $str)) {
91 * Validate that a string is a valid MySQL column name or alias.
97 public static function mysqlColumnNameOrAlias($str) {
103 // Ensure $str conforms to expected format. Not a complete expression of
104 // what MySQL permits; this should permit the formats CiviCRM generates.
106 // * Table name prefix is optional.
107 // * Table & column names & aliases:
108 // * Composed of alphanumeric chars, underscore and hyphens.
109 // * Maximum length of 64 chars.
110 // * Optionally surrounded by backticks, in which case spaces also OK.
111 if (!preg_match('/^((`[\w- ]{1,64}`|[\w-]{1,64})\.)?(`[\w- ]{1,64}`|[\w-]{1,64})$/i', $str)) {
119 * Validate that a string is ASC or DESC.
121 * Empty string should be treated as invalid and ignored => default = ASC.
126 public static function mysqlOrderByDirection($str) {
127 if (!preg_match('/^(asc|desc)$/i', $str)) {
135 * Validate that a string is valid order by clause.
140 public static function mysqlOrderBy($str) {
142 // Using the field function in order by is valid.
143 // Look for a string like field(contribution_status_id,3,4,6).
144 // or field(civicrm_contribution.contribution_status_id,3,4,6)
145 if (preg_match('/field\([a-z_.]+,[0-9,]+\)/', $str, $matches)) {
146 // We have checked these. Remove them as they will fail the next lot.
147 // Our check currently only permits numbers & no back ticks. If we get a
148 // need for strings or backticks we can add.
149 $str = str_replace($matches, '', $str);
152 if (!empty($matches) && empty($str)) {
153 // nothing left to check after the field check.
156 // Making a regex for a comma separated list is quite hard and not readable
157 // at all, so we split and loop over.
158 $parts = explode(',', $str);
159 foreach ($parts as $part) {
160 if (!preg_match('/^((`[\w-]{1,64}`|[\w-]{1,64})\.)?(`[\w-]{1,64}`|[\w-]{1,64})( (asc|desc))?$/i', trim($part))) {
173 public static function qfVariable($str) {
175 //if ( empty( $str ) || strlen( $str ) > 31 ) {
176 if (strlen(trim($str)) == 0 ||
strlen($str) > 31) {
180 // make sure it includes valid characters, alpha numeric and underscores
181 // added (. and ,) option (CRM-1336)
182 if (!preg_match('/^[\w\s\.\,]+$/i', $str)) {
194 public static function phone($phone) {
196 if (empty($phone) ||
strlen($phone) > 16) {
200 // make sure it includes valid characters, (, \s and numeric
201 if (preg_match('/^[\d\(\)\-\.\s]+$/', $phone)) {
212 public static function query($query) {
214 if (empty($query) ||
strlen($query) < 3 ||
strlen($query) > 127) {
218 // make sure it includes valid characters, alpha numeric and underscores
219 if (!preg_match('/^[\w\s\%\'\&\,\$\#]+$/i', $query)) {
231 public static function url($url) {
232 if (preg_match('/^\//', $url)) {
233 // allow relative URL's (CRM-15598)
234 $url = 'http://' . $_SERVER['HTTP_HOST'] . $url;
236 return (bool) filter_var($url, FILTER_VALIDATE_URL
);
244 public static function urlish($url) {
248 $url = Civi
::paths()->getUrl($url, 'absolute');
249 return (bool) filter_var($url, FILTER_VALIDATE_URL
);
257 public static function wikiURL($string) {
258 $items = explode(' ', trim($string), 2);
259 return self
::url($items[0]);
267 public static function domain($domain) {
268 // not perfect, but better than the previous one; see CRM-1502
269 if (!preg_match('/^[A-Za-z0-9]([A-Za-z0-9\.\-]*[A-Za-z0-9])?$/', $domain)) {
277 * @param null $default
281 public static function date($value, $default = NULL) {
282 if (is_string($value) &&
283 preg_match('/^\d\d\d\d-?\d\d-?\d\d$/', $value)
292 * @param null $default
294 * @return null|string
296 public static function dateTime($value, $default = NULL) {
298 if (is_string($value) &&
299 preg_match('/^\d\d\d\d-?\d\d-?\d\d(\s\d\d:\d\d(:\d\d)?|\d\d\d\d(\d\d)?)?$/', $value)
308 * Check the validity of the date (in qf format)
309 * note that only a year is valid, or a mon-year is
310 * also valid in addition to day-mon-year. The date
311 * specified has to be beyond today. (i.e today or later)
314 * @param bool $monthRequired
315 * Check whether month is mandatory.
320 public static function currentDate($date, $monthRequired = TRUE) {
321 $config = CRM_Core_Config
::singleton();
323 $d = CRM_Utils_Array
::value('d', $date);
324 $m = CRM_Utils_Array
::value('M', $date);
325 $y = CRM_Utils_Array
::value('Y', $date);
327 if (!$d && !$m && !$y) {
331 // CRM-9017 CiviContribute/CiviMember form with expiration date format 'm Y'
332 if (!$m && !empty($date['m'])) {
333 $m = CRM_Utils_Array
::value('m', $date);
348 // if we have day we need mon, and if we have mon we need year
357 if (!empty($day) ||
!empty($mon) ||
!empty($year)) {
358 $result = checkdate($mon, $day, $year);
365 // ensure we have month if required
366 if ($monthRequired && !$m) {
370 // now make sure this date is greater that today
371 $currentDate = getdate();
372 if ($year > $currentDate['year']) {
375 elseif ($year < $currentDate['year']) {
380 if ($mon > $currentDate['mon']) {
383 elseif ($mon < $currentDate['mon']) {
389 if ($day > $currentDate['mday']) {
392 elseif ($day < $currentDate['mday']) {
401 * Check the validity of a date or datetime (timestamp)
402 * value which is in YYYYMMDD or YYYYMMDDHHMMSS format
404 * Uses PHP checkdate() - params are ( int $month, int $day, int $year )
406 * @param string $date
411 public static function mysqlDate($date) {
412 // allow date to be null
417 if (checkdate(substr($date, 4, 2), substr($date, 6, 2), substr($date, 0, 4))) {
429 public static function integer($value) {
430 if (is_int($value)) {
435 // ensure number passed is always a string numeral
436 if (!is_numeric($value)) {
440 // note that is_int matches only integer type
441 // and not strings which are only integers
442 // hence we do this here
443 if (preg_match('/^\d+$/', $value)) {
448 $negValue = -1 * $value;
449 if (is_int($negValue)) {
462 public static function positiveInteger($value) {
463 if (is_int($value)) {
464 return ($value < 0) ?
FALSE : TRUE;
468 // ensure number passed is always a string numeral
469 if (!is_numeric($value)) {
473 if (preg_match('/^\d+$/', $value)) {
485 public static function numeric($value) {
486 // lets use a php gatekeeper to ensure this is numeric
487 if (!is_numeric($value)) {
491 return preg_match('/(^-?\d\d*\.\d*$)|(^-?\d\d*$)|(^-?\.\d\d*$)/', $value) ?
TRUE : FALSE;
500 public static function numberOfDigit($value, $noOfDigit) {
501 return preg_match('/^\d{' . $noOfDigit . '}$/', $value) ?
TRUE : FALSE;
505 * Strip thousand separator from a money string.
507 * Note that this should be done at the form layer. Once we are processing
508 * money at the BAO or processor layer we should be working with something that
509 * is already in a normalised format.
511 * @param string $value
515 public static function cleanMoney($value) {
516 // first remove all white space
517 $value = str_replace(array(' ', "\t", "\n"), '', $value);
519 $config = CRM_Core_Config
::singleton();
522 $currencySymbols = CRM_Core_PseudoConstant
::get(
523 'CRM_Contribute_DAO_Contribution',
525 'keyColumn' => 'name',
526 'labelColumn' => 'symbol',
529 $value = str_replace($currencySymbols, '', $value);
531 if ($config->monetaryThousandSeparator
) {
532 $mon_thousands_sep = $config->monetaryThousandSeparator
;
535 $mon_thousands_sep = ',';
538 // ugly fix for CRM-6391: do not drop the thousand separator if
539 // it looks like it’s separating decimal part (because a given
540 // value undergoes a second cleanMoney() call, for example)
541 // CRM-15835 - in case the amount/value contains 0 after decimal
542 // eg 150.5 the following if condition will pass
543 if ($mon_thousands_sep != '.' or (substr($value, -3, 1) != '.' && substr($value, -2, 1) != '.')) {
544 $value = str_replace($mon_thousands_sep, '', $value);
547 if ($config->monetaryDecimalPoint
) {
548 $mon_decimal_point = $config->monetaryDecimalPoint
;
551 $mon_decimal_point = '.';
553 $value = str_replace($mon_decimal_point, '.', $value);
563 public static function money($value) {
564 $config = CRM_Core_Config
::singleton();
566 // only edge case when we have a decimal point in the input money
567 // field and not defined in the decimal Point in config settings
568 if ($config->monetaryDecimalPoint
&&
569 $config->monetaryDecimalPoint
!= '.' &&
570 // CRM-7122 also check for Thousands Separator in config settings
571 $config->monetaryThousandSeparator
!= '.' &&
572 substr_count($value, '.')
577 $value = self
::cleanMoney($value);
579 if (self
::integer($value)) {
583 // Allow values such as -0, 1.024555, -.1
584 // We need to support multiple decimal places here, not just the number allowed by locale
585 // otherwise tax calculations break when you want the inclusive amount to be a round number (eg. £10 inc. VAT requires 8.333333333 here).
586 return preg_match('/(^-?\d+\.?\d*$)|(^-?\.\d+$)/', $value) ?
TRUE : FALSE;
591 * @param int $maxLength
595 public static function string($value, $maxLength = 0) {
596 if (is_string($value) &&
597 ($maxLength === 0 ||
strlen($value) <= $maxLength)
609 public static function boolean($value) {
611 '/(^(1|0)$)|(^(Y(es)?|N(o)?)$)|(^(T(rue)?|F(alse)?)$)/i', $value
620 public static function email($value) {
621 return (bool) filter_var($value, FILTER_VALIDATE_EMAIL
);
629 public static function emailList($list) {
630 $emails = explode(',', $list);
631 foreach ($emails as $email) {
632 $email = trim($email);
633 if (!self
::email($email)) {
641 * allow between 4-6 digits as postal code since india needs 6 and US needs 5 (or
642 * if u disregard the first 0, 4 (thanx excel!)
643 * FIXME: we need to figure out how to localize such rules
648 public static function postalCode($value) {
649 if (preg_match('/^\d{4,6}(-\d{4})?$/', $value)) {
656 * See how file rules are written in HTML/QuickForm/file.php
657 * Checks to make sure the uploaded file is ascii
659 * @param string $elementValue
662 * True if file has been uploaded, false otherwise
664 public static function asciiFile($elementValue) {
665 if ((isset($elementValue['error']) && $elementValue['error'] == 0) ||
666 (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none')
668 return CRM_Utils_File
::isAscii($elementValue['tmp_name']);
674 * Checks to make sure the uploaded file is in UTF-8, recodes if it's not
676 * @param array $elementValue
679 * Whether file has been uploaded properly and is now in UTF-8.
681 public static function utf8File($elementValue) {
684 if ((isset($elementValue['error']) && $elementValue['error'] == 0) ||
685 (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none')
688 $success = CRM_Utils_File
::isAscii($elementValue['tmp_name']);
690 // if it's a file, but not UTF-8, let's try and recode it
691 // and then make sure it's an UTF-8 file in the end
693 $success = CRM_Utils_File
::toUtf8($elementValue['tmp_name']);
695 $success = CRM_Utils_File
::isAscii($elementValue['tmp_name']);
703 * See how file rules are written in HTML/QuickForm/file.php
704 * Checks to make sure the uploaded file is html
706 * @param array $elementValue
709 * True if file has been uploaded, false otherwise
711 public static function htmlFile($elementValue) {
712 if ((isset($elementValue['error']) && $elementValue['error'] == 0) ||
713 (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none')
715 return CRM_Utils_File
::isHtmlFile($elementValue['tmp_name']);
721 * Check if there is a record with the same name in the db.
723 * @param string $value
724 * The value of the field we are checking.
725 * @param array $options
726 * The daoName, fieldName (optional) and DomainID (optional).
729 * true if object exists
731 public static function objectExists($value, $options) {
733 if (isset($options[2])) {
737 return CRM_Core_DAO
::objectExists($value, CRM_Utils_Array
::value(0, $options), CRM_Utils_Array
::value(1, $options), CRM_Utils_Array
::value(2, $options, $name), CRM_Utils_Array
::value(3, $options));
746 public static function optionExists($value, $options) {
747 return CRM_Core_OptionValue
::optionExists($value, $options[0], $options[1], $options[2], CRM_Utils_Array
::value(3, $options, 'name'), CRM_Utils_Array
::value(4, $options, FALSE));
756 public static function creditCardNumber($value, $type) {
757 return Validate_Finance_CreditCard
::number($value, $type);
766 public static function cvv($value, $type) {
767 return Validate_Finance_CreditCard
::cvv($value, $type);
775 public static function currencyCode($value) {
776 static $currencyCodes = NULL;
777 if (!$currencyCodes) {
778 $currencyCodes = CRM_Core_PseudoConstant
::currencyCode();
780 if (in_array($value, $currencyCodes)) {
791 public static function xssString($value) {
792 if (is_string($value)) {
793 return preg_match('!<(vb)?script[^>]*>.*</(vb)?script.*>!ims',
807 public static function fileExists($path) {
808 return file_exists($path);
812 * Determine whether the value contains a valid reference to a directory.
814 * Paths stored in the setting system may be absolute -- or may be
815 * relative to the default data directory.
817 * @param string $path
820 public static function settingPath($path) {
821 return is_dir(Civi
::paths()->getPath($path));
826 * @param null $actualElementValue
830 public static function validContact($value, $actualElementValue = NULL) {
831 if ($actualElementValue) {
832 $value = $actualElementValue;
835 return CRM_Utils_Rule
::positiveInteger($value);
839 * Check the validity of the date (in qf format)
840 * note that only a year is valid, or a mon-year is
841 * also valid in addition to day-mon-year
848 public static function qfDate($date) {
849 $config = CRM_Core_Config
::singleton();
851 $d = CRM_Utils_Array
::value('d', $date);
852 $m = CRM_Utils_Array
::value('M', $date);
853 $y = CRM_Utils_Array
::value('Y', $date);
854 if (isset($date['h']) ||
857 $m = CRM_Utils_Array
::value('M', $date);
860 if (!$d && !$m && !$y) {
876 // if we have day we need mon, and if we have mon we need year
884 if (!empty($day) ||
!empty($mon) ||
!empty($year)) {
885 return checkdate($mon, $day, $year);
895 public static function qfKey($key) {
896 return ($key) ? CRM_Core_Key
::valid($key) : FALSE;
900 * Check if the values in the date range are in correct chronological order.
902 * @param array $fields
903 * Fields of the form.
905 * Name of date range field.
909 * Title of the date range to be displayed in the error message.
911 public static function validDateRange($fields, $fieldName, &$errors, $title) {
912 $lowDate = strtotime($fields[$fieldName . '_low']);
913 $highDate = strtotime($fields[$fieldName . '_high']);
915 if ($lowDate > $highDate) {
916 $errors[$fieldName . '_range_error'] = ts('%1: Please check that your date range is in correct chronological order.', array(1 => $title));
921 * @param string $key Extension Key to check
924 public static function checkExtesnionKeyIsValid($key = NULL) {
925 if (!empty($key) && !preg_match('/^[0-9a-zA-Z._-]+$/', $key)) {