4
* RedBeanPHP ORM plugin.
6
* @author Jason Schoeman, maheshchari.com
8
class crud extends PHPDS_dependant
23
* Cleaned up $_REQUEST.
29
* Should forms be protected agains possible injection?
33
public $protect = true;
35
* Where should data from form be looked for?
39
public $from = 'post';
41
* Register an orm service, this allows direct and easy saving to database.
47
* Register an orm service, this allows direct and easy saving to database.
53
* Simply stores last field that was validated.
59
* Store selections that did not have id's yet.
65
* Contains arrays of errors.
69
public $errorExist = array();
72
* This method does the actual security check, other security checks are done on a per call basis to this method in specific scripts.
73
* Improved version reduces the cost of queries by 3, I also believe that this is a more secure method.
75
* @param boolean $validate_crypt_key Set if you would like the system to verify an encryption before accepting global $_POST variables. Use with method send_crypt_key_validation in your form.
77
* @author Jason Schoeman
79
public function construct ($orm = null)
86
$this->f = new field();
88
if (! empty($this->security->post))
89
$this->post = $this->security->post;
90
if (! empty($this->security->get))
91
$this->get = $this->security->get;
92
if (! empty($this->security->request))
93
$this->request = $this->security->request;
97
* After each form validation methods, use this to compile error fields if any.
98
* @author Jason Schoeman
100
public function errorShow()
102
$t = $this->template;
103
if (! empty($this->errorExist)) {
104
$t->addJsToHead($t->mod->errorField($this->errorExist));
109
* Check if the data was submitted ok and make sure there are no errors.
111
* @author Jason Schoeman
115
foreach($this->errorExist as $r)
116
if (! empty($r['type']))
122
* Ater each validation, add this as the condition to report the error and its message.
123
* @param string $error_message
124
* @param string $field This should be the field name, else it will auto detect.
125
* @author Jason Schoeman
127
public function error($error_message, $field='')
130
$field = $this->lastField;
132
$this->errorExist[$field] = array('type'=>'error', 'message'=>$error_message);
136
* Allows import of arrays and converts them to properties for easy access.
138
* @author Jason Schoeman
140
public function importFields($array)
142
if (! empty($array) && is_array($array)) {
143
foreach ($array as $key => $val) {
144
$this->f->$key = $val;
150
* Allows system to do general check on specified form receive type.
153
* @param mixed $default
155
* @author Jason Schoeman
157
public function field($key = null, $default = null)
159
switch ($this->from) {
161
$r = $this->POST($key, $default);
165
$r = $this->GET($key, $default);
169
$r = $this->REQUEST($key, $default);
173
$r = $this->POST($key, $default);
178
if (is_object($this->orm))
179
$this->orm->$key = $r;
182
$this->lastField = (string) $key;
184
$this->lastField = (string) $key . '[]';
187
$this->errorExist[$key] = array();
193
* Return a value from the REQUEST array
195
* @param string|null $key the name of the post variable to fetch; if null, the entire array is returned
196
* @param mixed|array $default a default value to return when the post variable is not set; when returning the entire array, an array can be given here with default values
198
* @return scalar|array the content of the post variable or the whole array, possibly with default value(s)
199
* @author Jason Schoeman
201
public function REQUEST($key = null, $default = null)
203
($this->protect) ? $r = $this->request : $r = $_REQUEST;
206
return (isset($r[$key])) ? $r[$key] : $default;
208
if (is_array($default)) return array_merge($default, $r);
214
* Return a value from the POST array
216
* @param string|null $key the name of the post variable to fetch; if null, the entire array is returned
217
* @param mixed|array $default a default value to return when the post variable is not set; when returning the entire array, an array can be given here with default values
219
* @return scalar|array the content of the post variable or the whole array, possibly with default value(s)
220
* @author Jason Schoeman
222
public function POST($key = null, $default = null)
224
($this->protect) ? $p = $this->post : $p = $_POST;
227
return (isset($p[$key])) ? $p[$key] : $default;
229
if (is_array($default)) return array_merge($default, $p);
235
* Return a value from the GET meta array
237
* @param string|null $key the name of the get variable to fetch; if null, the entire array is returned
238
* @param mixed|array $default a default value to return when the get variable is not set; when returning the entire array, an array can be given here with default values
240
* @return scalar|array the content of the get variable or the whole array, possibly with default value(s)
241
* @author Jason Schoeman
243
public function GET($key = null, $default = null)
245
($this->protect) ? $g = $this->get : $g = $_GET;
248
return (isset($g[$key])) ? $g[$key] : $default;
250
if (is_array($default)) return array_merge($default, $g);
256
* Makes select fields easy to create and maintain.
257
* @param type $options
258
* @param type $selected
260
* @author Jason Schoeman
262
public function select($options, $selected)
264
return $this->selectElements('', $options, $selected, 'select');
268
* Makes check boxes easy to create and maintain.
270
* @param type $options
271
* @param type $checked
273
* @author Jason Schoeman
275
public function checkbox($name, $options, $checked)
277
return $this->selectElements($name, $options, $checked, 'checkbox');
281
* Makes radio buttons easy to create and maintain.
283
* @param type $options
284
* @param type $checked
286
* @author Jason Schoeman
288
public function radio($name, $options, $checked)
290
return $this->selectElements($name, $options, $checked, 'radio');
294
* Maintainer for radio checkboxes and select fields.
296
* @param type $options
297
* @param type $checked
301
public function selectElements($name, $options, $checked, $type)
303
$m = $this->template->mod;
305
if (is_array($options)) {
306
foreach ($options as $value => $label) {
307
if (! empty($checked) && in_array($value, $checked))
314
$option .= $m->formRadio($name, $value, $label, $select);
317
$option .= $m->formCheckbox($name, $value, $label, $select);
320
$option .= $m->formSelect($value, $label, $select);
326
if (empty($option)) {
334
* Allows you to easily maintain selected fields.
336
* @param int $join_id
337
* @param string $columns
340
public function multiSelected($val, $join_id=null, $columns = 'join_id,value')
342
if (is_object($this->orm)) {
344
return $this->multiSelectedORM($val, $join_id, $columns);
347
return $this->multiSelectedModel($val, $join_id, $columns);
352
* Simple check for multiple options.
354
* @param string expecting form field name
357
public function isMultipleOption($val)
359
$array = $this->field($val);
360
if (! in_array($array, array(null, false, '', array()), true)) {
368
* Allows you to easily maintain selected fields.
370
* @param int $join_id
371
* @param string $columns
374
public function multiSelectedModel($val, $join_id=null, $columns = 'join_id,value')
377
if (! empty($this->f->id))
378
$join_id = $this->f->id;
380
$previously_selected = $this->field($val);
381
list($join_id_col, $value_col) = explode(',', $columns);
383
if (! empty($join_id) && empty($previously_selected)) {
384
$previously_selected = $this->db->invokeQuery('CRUD_readMultipleOptions', $value_col, $val, $join_id_col, $join_id);
386
if (! empty($previously_selected)) {
387
foreach ($previously_selected as $valprev) {
388
$array[] = $valprev[$value_col];
396
if (! empty($previously_selected)) {
398
if (! empty($join_id)) {
399
$this->db->invokeQuery('CRUD_writeMultipleOptions', $val, $join_id_col, $join_id, $value_col, $previously_selected);
402
foreach ($previously_selected as $valprev) {
414
* Allows you to easily maintain selected fields.
416
* @param int $join_id
417
* @param string $columns
420
public function multiSelectedORM($val, $join_id=null, $columns = 'join_id,value')
423
if (! empty($this->orm->id))
424
$join_id = $this->orm->id;
426
$previously_selected = $this->field($val);
427
list($join_id_col, $value_col) = explode(',', $columns);
429
if (! empty($join_id) && empty($previously_selected)) {
430
$previously_selected = R::find($val, " {$join_id_col} = {$join_id} ");
432
if (! empty($previously_selected)) {
433
foreach ($previously_selected as $valprev) {
434
$array[] = $valprev[$value_col];
442
if (! empty($previously_selected)) {
444
if (! empty($join_id)) {
445
// Delete old selections.
446
$replace = R::find($val, " {$join_id_col} = {$join_id} ");
448
if (! empty($replace)) {
449
foreach ($replace as $valprev) {
450
$bean = R::load("$val", $valprev['id']);
455
if (! empty($previously_selected)) {
456
foreach ($previously_selected as $value) {
457
$multipleORM = R::dispense($val);
458
$multipleORM->$join_id_col = $join_id;
459
$multipleORM->$value_col = $value;
460
R::store($multipleORM);
465
foreach ($previously_selected as $valprev) {
477
* This could really be anything, it is a clean way to add more variable that is not required.
478
* @param string expecting form field name
481
public function addField($val) {
482
$val = $this->field($val);
487
* check if field empty string ,orject,array
488
* @param string expecting form field name
491
public function is($val) {
492
$val = $this->field($val);
493
return ! in_array($val, array(null, false, '', array()), true);
497
* check a number optional -,+,. values
498
* @param string expecting form field name
501
public function isNumeric($val) {
502
$val = $this->field($val);
503
return (bool) preg_match('/^[\-+]?[0-9]*\.?[0-9]+$/', $val);
508
* @param string expecting form field name
511
public function isEmail($val) {
512
$val = $this->field($val);
513
return (bool) (preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $val));
517
* Valid URL or web address
518
* @param string expecting form field name
521
public function isUrl($val) {
522
$val = $this->field($val);
523
return (bool) preg_match("/^((((https?|ftps?|gopher|telnet|nntp):\/\/)|(mailto:|news:))(%[0-9A-Fa-f]{2}|[-()_.!~*';\/?:@&=+$,A-Za-z0-9])+)([).!';\/?:,][[:blank:]])?$/", $val);
528
* @param string expecting form field name
531
public function isIpAddress($val) {
532
$val = $this->field($val);
533
return (bool) preg_match("/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/", $val);
537
* Matches only alpha letters
538
* @param string expecting form field name
541
public function isAlpha($val) {
542
$val = $this->field($val);
543
return (bool) preg_match("/^([a-zA-Z])+$/i", $val);
547
* Matches alpha and numbers only
548
* @param string expecting form field name
551
public function isAlphaNumeric($val) {
552
$val = $this->field($val);
553
return (bool) preg_match("/^([a-zA-Z0-9])+$/i", $val);
557
* Matches alpha ,numbers,-,_ values
558
* @param string expecting form field name
561
public function isAlphaNumericDash($val) {
562
$val = $this->field($val);
563
return (bool) preg_match("/^([-a-zA-Z0-9_-])+$/i", $val);
567
* Matches alpha and dashes like -,_
568
* @param string expecting form field name
571
public function isAlphaDash($val) {
572
$val = $this->field($val);
573
return (bool) preg_match("/^([A-Za-z_-])+$/i", $val);
577
* Matches exactly number
578
* @param string expecting form field name
581
public function isInteger($val) {
582
$val = $this->field($val);
588
* @param string expecting form field name
591
public function isCreditCard($val) {
592
$val = $this->field($val);
593
return (bool) preg_match("/^((4\d{3})|(5[1-5]\d{2})|(6011)|(7\d{3}))-?\d{4}-?\d{4}-?\d{4}|3[4,7]\d{13}$/", $val);
597
* check given string length is between given range
598
* @param string expecting form field name
603
public function isRangeLength($val, $min = 0, $max = 0) {
604
$val = $this->field($val);
605
return (strlen($val) >= $min and strlen($val) <= $max);
609
* Check the string length has minimum length
610
* @param string expecting form field name
614
public function isMinLength($val, $min) {
615
$val = $this->field($val);
616
return (strlen($val) >= (int) $min);
620
* check string length exceeds maximum length
621
* @param string expecting form field name
625
public function isMaxLength($val, $max) {
626
$val = $this->field($val);
627
return (strlen($val) <= (int) $max);
631
* check given number exceeds max values
632
* @param string expecting form field name
636
public function isMaxValue($val, $max) {
637
$number = $this->field($val);
638
return ($number > $max);
642
* check given number below value
643
* @param string expecting form field name
647
public function isMinValue($val, $min) {
648
$number = $this->field($val);
649
return ($number < $min);
653
* check given number between given values
654
* @param string expecting form field name
659
public function isRangeValue($val, $min, $max) {
660
$number = $this->field($val);
661
return ($number > $min and $number < $max);
665
* check for exactly length of string
666
* @param string expecting form field name
667
* @param int expecting lenght of string
670
public function isLength($val, $length) {
671
$val = $this->field($val);
672
return (strlen($val) == (int) $length);
676
* check decimal with . is optional and after decimal places up to 6th precision
677
* @param string expecting form field name
680
public function isDecimal($val) {
681
$val = $this->field($val);
682
return (bool) pregMatch("/^\d+(\.\d{1,6})?$/'", $val);
686
* Valid hexadecimal color ,that may have #,
687
* @param string expecting form field name
690
public function isHexColor($val) {
691
$color = $this->field($val);
692
return (bool) preg_match('/^#?+[0-9a-f]{3}(?:[0-9a-f]{3})?$/i', $color);
696
* Matches againest given regular expression ,including delimeters
697
* @param string expecting form field name
698
* @param string regular expression string to compare against
701
public function isRegex($val, $expression) {
702
$val = $this->field($val);
703
return (bool) preg_match($expression, (string) $val);
707
* compares two any kind of values ,stictly
708
* @param string expecting form field name
709
* @param mixed expecting string to compare too
712
public function isMatches($val, $value) {
713
$val = $this->field($val);
714
return ($val === $value);
718
* check if field empty string ,orject,array
719
* @param string expecting form field name
722
public function isEmpty($val) {
723
$val = $this->field($val);
724
return in_array($val, array(null, false, '', array()), true);
728
* Check if given string matches any format date
729
* @param string expecting form field name
732
public function isDate($val) {
733
$val = $this->field($val);
734
return (strtotime($val) !== false);
738
* check given string againest given array values
739
* @param string expecting form field name
743
public function isEnum($val, $arr) {
744
$val = $this->field($val);
745
return in_array($val, $arr);
749
* Checks that a field matches a v2 md5 string
750
* @param string expecting form field name
753
public function isMd5($val) {
754
$val = $this->field($val);
755
return (bool) preg_match("/[0-9a-f]{32}/i", $val);
759
* Matches base64 enoding string
760
* @param string expecting form field name
763
public function isBase64($val) {
764
$val = $this->field($val);
765
return (bool) !preg_match('/[^a-zA-Z0-9\/\+=]/', $val);
769
* check if array has unique elements,it must have minimum one element
770
* @param string expecting form field name
773
public function isUnique($val) {
774
$arr = $this->field($val);
776
$count1 = count($arr);
777
$count2 = count(array_unique($arr));
778
return (count1 != 0 and (count1 == $count2));
782
* Check is rgb color value
783
* @param string expecting form field name
786
public function isRgb($val) {
787
$val = $this->field($val);
788
return (bool) preg_match("/^(rgb\(\s*\b([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\b\s*,\s*\b([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\b\s*,\s*\b([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\b\s*\))|(rgb\(\s*(\d?\d%|100%)+\s*,\s*(\d?\d%|100%)+\s*,\s*(\d?\d%|100%)+\s*\))$/", $val);
792
* is given field is boolean value or not
793
* @param string expecting form field name
796
public function isBoolean($val) {
797
$val = $this->field($val);
798
$booleans = array(1, 0, '1', '0', true, false, true, false);
799
$literals = array('true', 'false', 'yes', 'no');
800
foreach ($booleans as $bool) {
805
return in_array(strtolower($val), $literals);
809
* A token that don't have any white space
810
* @param string expecting form field name
813
public function isToken($val) {
814
$val = $this->field($val);
815
return (bool) !preg_match('/\s/', $val);
819
* Checks that a field is exactly the right length.
820
* @param string expecting form field name
821
* @link http://php.net/checkdnsrr not added to Windows until PHP 5.3.0
824
public function isEmailDomain($val) {
825
$email = $this->field($val);
826
return (bool) checkdnsrr(preg_replace('/^[^@]++@/', '', $email), 'MX');
830
* Matches a phone number that length optional numbers 7,10,11
831
* @param string expecting form field name
832
* @param int expecting number lenght
835
public function isPhone($val, $lengths = null) {
836
$number = $this->field($val);
837
if (!is_array($lengths)) {
838
$lengths = array(7, 10, 11);
840
$number = preg_replace('/\D+/', '', $number);
841
return in_array(strlen($number), $lengths);
845
* check given sting is UTF8
846
* @param string expecting form field name
849
public function isUtf8($val) {
850
$val = $this->field($val);
851
return preg_match('%(?:
852
[\xC2-\xDF][\x80-\xBF]
853
|\xE0[\xA0-\xBF][\x80-\xBF]
854
|[\xE1-\xEC\xEE\xEF][\x80-\xBF]{2}
855
|\xED[\x80-\x9F][\x80-\xBF]
856
|\xF0[\x90-\xBF][\x80-\xBF]{2}
857
|[\xF1-\xF3][\x80-\xBF]{3}
858
|\xF4[\x80-\x8F][\x80-\xBF]{2}
863
* Given sting is lower cased
864
* @param string expecting form field name
867
public function isLower($val) {
868
$val = $this->field($val);
869
return (bool) preg_match("/^[a-z]+$/", $val);
873
* Given string is upper cased?
874
* @param string expecting form field name
877
public function isUpper($val) {
878
$val = $this->field($val);
879
return (bool) preg_match("/^[A-Z]+$/", $val);
883
* Checks that given value matches following country pin codes.
893
* uk = united kingdom
895
* @param String expecting form field name
896
* @param String expecting country code
899
public function isPincode($val, $country = 'us') {
900
$val = $this->field($val);
901
$patterns = array('at' => '^[0-9]{4,4}$', 'au' => '^[2-9][0-9]{2,3}$', 'ca' =>
902
'^[a-zA-Z].[0-9].[a-zA-Z].\s[0-9].[a-zA-Z].[0-9].', 'de' => '^[0-9]{5,5}$', 'ee' =>
903
'^[0-9]{5,5}$', 'nl' => '^[0-9]{4,4}\s[a-zA-Z]{2,2}$', 'it' => '^[0-9]{5,5}$',
904
'pt' => '^[0-9]{4,4}-[0-9]{3,3}$', 'se' => '^[0-9]{3,3}\s[0-9]{2,2}$', 'uk' =>
905
'^([A-Z]{1,2}[0-9]{1}[0-9A-Z]{0,1}) ?([0-9]{1}[A-Z]{1,2})$', 'us' =>
906
'^[0-9]{5,5}[\-]{0,1}[0-9]{4,4}$');
907
if (!array_key_exists($country, $patterns))
909
return (bool) preg_match("/" . $patterns[$country] . "/", $val);
913
* Check given url really exists?
914
* @param string expecting form field name
917
public function isUrlExists($val) {
918
$link = $this->field($val);
919
if (!$this->isUrl($link))
921
return (bool) @fsockopen($link, 80, $errno, $errstr, 30);
925
* Check given sting has script tags
926
* @param string expecting form field name
929
public function isJsSafe($val) {
930
$val = $this->field($val);
931
return (bool) (!preg_match("/<script[^>]*>[\s\r\n]*(<\!--)?|(-->)?[\s\r\n]*<\/script>/", $val));
935
* given sting has html tags?
936
* @param string expecting form field name
939
public function isHtmlSafe($val) {
940
$val = $this->field($val);
941
return (bool) (!preg_match("/<(.*)>.*</$1>/", $val));
945
* check given sring has multilines
946
* @param string expecting form field name
949
public function isMultiLine($val) {
950
$val = $this->field($val);
951
return (bool) preg_match("/[\n\r\t]+/", $val);
955
* check given array key element exists?
956
* @param string expecting form field name
959
public function isExists($val, $arr) {
960
$val = $this->field($val);
961
return isset($arr[$val]);
965
* is given string is ascii format?
966
* @param string expecting form field name
969
public function isAscii($val) {
970
$val = $this->field($val);
971
return !preg_match('/[^\x00-\x7F]/i', $val);
975
* Checks given value again MAC address of the computer
976
* @param string expecting form field name
979
public function isMacAddress($val) {
980
$val = $this->field($val);
981
return (bool) preg_match('/^([0-9a-fA-F][0-9a-fA-F]:){5}([0-9a-fA-F][0-9a-fA-F])$/', $val);
985
* Checks given value matches us citizen social security number
986
* @param string expecting form field name
989
public function isUsssn($val) {
990
$val = $this->field($val);
991
return (bool) preg_match("/^\d{3}-\d{2}-\d{4}$/", $val);
995
* Checks given value matches date de
996
* @param string expecting form field name
999
public function isDateDE($val) {
1000
$date = $this->field($val);
1001
return (bool) preg_match("/^\d\d?\.\d\d?\.\d\d\d?\d?$/", $date);
1005
* Checks given value matches us citizen social security number
1006
* @param string expecting form field name
1009
public function isDateISO($val) {
1010
$date = $this->field($val);
1011
return (bool) preg_match("/^\d{4}[\/-]\d{1,2}[\/-]\d{1,2}$/", $date);
1015
* Checks given value matches a time zone
1017
* @param string expecting form field name
1020
public function isTimezone($val) {
1021
$val = $this->field($val);
1022
return (bool) preg_match("/^[-+]((0[0-9]|1[0-3]):([03]0|45)|14:00)$/", $val);
1026
* Time in 24 hours format with optional seconds
1027
* 12:15 | 10:26:59 | 22:01:15
1028
* @param string expecting form field name
1031
public function isTime24($val) {
1032
$val = $this->field($val);
1033
return (bool) preg_match("/^(([0-1]?[0-9])|([2][0-3])):([0-5]?[0-9])(:([0-5]?[0-9]))?$/", $val);
1037
* Time in 12 hours format with optional seconds
1038
* 08:00AM | 10:00am | 7:00pm
1039
* @param string expecting form field name
1042
public function isTime12($val) {
1043
$val = $this->field($val);
1044
return (bool) preg_match("/^([1-9]|1[0-2]|0[1-9]){1}(:[0-5][0-9][aApP][mM]){1}$/", $val);
1051
public function __get($name)
1053
return $this->$name = '';
1056
public function __set($name, $value)
1058
return $this->$name = $value;
b'\\ No newline at end of file'
added
removed
plugins/CRUD/includes/crud.class.php
