3 +--------------------------------------------------------------------+
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2020 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
31 * @copyright CiviCRM LLC (c) 2004-2020
33 class CRM_Utils_Type
{
52 // @TODO What's the point of these constants? Backwards compatibility?
54 // These are used for field size (<input type=text size=2>), but redundant TWO=2
55 // usages are rare and should be eliminated. See CRM-18810.
71 * Maximum size of a MySQL BLOB or TEXT column in bytes.
73 const BLOB_SIZE
= 65535;
76 * Maximum value of a MySQL signed INT column.
78 const INT_MAX
= 2147483647;
81 * Gets the string representation for a data type.
84 * Integer number identifying the data type.
87 * String identifying the data type, e.g. 'Int' or 'String'.
89 public static function typeToString($type) {
90 // @todo Use constants in the case statements, e.g. "case T_INT:".
91 // @todo return directly, instead of assigning a value.
92 // @todo Use a lookup array, as a property or as a local variable.
129 $string = 'Timestamp';
149 $string = 'Mediumblob';
153 return (isset($string)) ?
$string : "";
158 * An array of type in the form 'type name' => 'int representing type'
160 public static function getValidTypes() {
162 'Int' => self
::T_INT
,
163 'String' => self
::T_STRING
,
164 'Enum' => self
::T_ENUM
,
165 'Date' => self
::T_DATE
,
166 'Time' => self
::T_TIME
,
167 'Boolean' => self
::T_BOOLEAN
,
168 'Text' => self
::T_TEXT
,
169 'Blob' => self
::T_BLOB
,
170 'Timestamp' => self
::T_TIMESTAMP
,
171 'Float' => self
::T_FLOAT
,
172 'Money' => self
::T_MONEY
,
173 'Email' => self
::T_EMAIL
,
174 'Mediumblob' => self
::T_MEDIUMBLOB
,
179 * Get the data_type for the field.
181 * @param array $fieldMetadata
182 * Metadata about the field.
186 public static function getDataTypeFromFieldMetadata($fieldMetadata) {
187 if (isset($fieldMetadata['data_type'])) {
188 return $fieldMetadata['data_type'];
190 if (empty($fieldMetadata['type'])) {
191 // I would prefer to throw an e-notice but there is some,
192 // probably unnecessary logic, that only retrieves activity fields
193 // if they are 'in the profile' and probably they are not 'in'
194 // until they are added - which might lead to ? who knows!
197 return self
::typeToString($fieldMetadata['type']);
201 * Helper function to call escape on arrays.
205 public static function escapeAll($data, $type, $abort = TRUE) {
206 foreach ($data as $key => $value) {
207 $data[$key] = CRM_Utils_Type
::escape($value, $type, $abort);
213 * Helper function to call validate on arrays
217 public static function validateAll($data, $type, $abort = TRUE) {
218 foreach ($data as $key => $value) {
219 $data[$key] = CRM_Utils_Type
::validate($value, $type, $abort);
225 * Verify that a variable is of a given type, and apply a bit of processing.
228 * The value to be verified/escaped.
229 * @param string $type
230 * The type to verify against.
232 * If TRUE, the operation will CRM_Core_Error::fatal() on invalid data.
235 * The data, escaped if necessary.
236 * @throws CRM_Core_Exception
238 public static function escape($data, $type, $abort = TRUE) {
247 case 'ContactReference':
248 case 'MysqlOrderByDirection':
249 $validatedData = self
::validate($data, $type, $abort);
250 if (isset($validatedData)) {
251 return $validatedData;
255 // CRM-8925 for custom fields of this type
257 case 'StateProvince':
258 // Handle multivalued data in delimited or array format
259 if (is_array($data) ||
(strpos($data, CRM_Core_DAO
::VALUE_SEPARATOR
) !== FALSE)) {
261 foreach (CRM_Utils_Array
::explodePadded($data) as $item) {
262 if (!CRM_Utils_Rule
::positiveInteger($item)) {
270 elseif (CRM_Utils_Rule
::positiveInteger($data)) {
276 if (CRM_Utils_Rule
::positiveInteger($data)) {
282 if (CRM_Utils_Rule
::url($data = trim($data))) {
288 if (CRM_Utils_Rule
::boolean($data)) {
296 return CRM_Core_DAO
::escapeString(self
::validate($data, $type, $abort));
298 case 'MysqlColumnNameOrAlias':
299 if (CRM_Utils_Rule
::mysqlColumnNameOrAlias($data)) {
300 $data = str_replace('`', '', $data);
301 $parts = explode('.', $data);
302 $data = '`' . implode('`.`', $parts) . '`';
309 if (CRM_Utils_Rule
::mysqlOrderBy($data)) {
310 $parts = explode(',', $data);
312 // The field() syntax is tricky here because it uses commas & when
313 // we separate by them we break it up. But we want to keep the clauses in order.
314 // so we just clumsily re-assemble it. Test cover exists.
315 $fieldClauseStart = NULL;
316 foreach ($parts as $index => &$part) {
317 if (substr($part, 0, 6) === 'field(') {
318 // Looking to escape a string like 'field(contribution_status_id,3,4,5) asc'
319 // to 'field(`contribution_status_id`,3,4,5) asc'
320 $fieldClauseStart = $index;
323 if ($fieldClauseStart !== NULL) {
324 // this is part of the list of field options. Concatenate it back on.
325 $parts[$fieldClauseStart] .= ',' . $part;
326 unset($parts[$index]);
327 if (!strstr($parts[$fieldClauseStart], ')')) {
328 // we have not reached the end of the list.
331 // We have the last piece of the field() clause, time to escape it.
332 $parts[$fieldClauseStart] = self
::mysqlOrderByFieldFunctionCallback($parts[$fieldClauseStart]);
333 $fieldClauseStart = NULL;
338 $part = preg_replace_callback('/^(?:(?:((?:`[\w-]{1,64}`|[\w-]{1,64}))(?:\.))?(`[\w-]{1,64}`|[\w-]{1,64})(?: (asc|desc))?)$/i', ['CRM_Utils_Type', 'mysqlOrderByCallback'], trim($part));
340 return implode(', ', $parts);
345 CRM_Core_Error
::fatal(
346 $type . " is not a recognised (camel cased) data type."
351 // @todo Use exceptions instead of CRM_Core_Error::fatal().
353 $data = htmlentities($data);
355 CRM_Core_Error
::fatal("$data is not of the type $type");
361 * Verify that a variable is of a given type.
364 * The value to validate.
365 * @param string $type
366 * The type to validate against.
368 * If TRUE, the operation will CRM_Core_Error::fatal() on invalid data.
369 * @param string $name
370 * The name of the attribute
371 * @param bool $isThrowException
372 * Should an exception be thrown rather than a using a deprecated fatal error.
375 * The data, escaped if necessary
377 * @throws \CRM_Core_Exception
379 public static function validate($data, $type, $abort = TRUE, $name = 'One of parameters ', $isThrowException = TRUE) {
385 'CommaSeparatedIntegers',
396 'MysqlColumnNameOrAlias',
397 'MysqlOrderByDirection',
404 if (!in_array($type, $possibleTypes)) {
405 if ($isThrowException) {
406 throw new CRM_Core_Exception(ts('Invalid type, must be one of : ' . implode($possibleTypes)));
408 CRM_Core_Error
::fatal(ts('Invalid type, must be one of : ' . implode($possibleTypes)));
413 if (CRM_Utils_Rule
::integer($data)) {
419 if (CRM_Utils_Rule
::positiveInteger($data)) {
426 if (CRM_Utils_Rule
::numeric($data)) {
439 // a null timestamp is valid
440 if (strlen(trim($data)) == 0) {
444 if ((preg_match('/^\d{14}$/', $data) ||
445 preg_match('/^\d{8}$/', $data)
447 CRM_Utils_Rule
::mysqlDate($data)
453 case 'ContactReference':
455 if (strlen(trim($data)) == 0) {
459 if (CRM_Utils_Rule
::validContact($data)) {
464 case 'MysqlOrderByDirection':
465 if (CRM_Utils_Rule
::mysqlOrderByDirection($data)) {
466 return strtolower($data);
471 if (CRM_Utils_Rule
::checkExtensionKeyIsValid($data)) {
477 $check = lcfirst($type);
478 if (CRM_Utils_Rule
::$check($data)) {
484 $data = htmlentities($data);
485 if ($isThrowException) {
486 throw new CRM_Core_Exception("$name (value: $data) is not of the type $type");
488 CRM_Core_Error
::fatal("$name (value: $data) is not of the type $type");
495 * Preg_replace_callback for mysqlOrderByFieldFunction escape.
497 * Add backticks around the field name.
499 * @param string $clause
503 public static function mysqlOrderByFieldFunctionCallback($clause) {
504 return preg_replace('/field\((\w*)/', 'field(`${1}`', $clause);
508 * preg_replace_callback for MysqlOrderBy escape.
510 public static function mysqlOrderByCallback($matches) {
512 $matches = str_replace('`', '', $matches);
515 if (isset($matches[1]) && $matches[1]) {
516 $output .= '`' . $matches[1] . '`.';
520 if (isset($matches[2]) && $matches[2]) {
521 $output .= '`' . $matches[2] . '`';
525 if (isset($matches[3]) && $matches[3]) {
526 $output .= ' ' . $matches[3];
533 * Get list of avaliable Data Types for Option Groups
537 public static function dataTypes() {
547 return array_combine($types, $types);