735 lines
16 KiB
PHP
735 lines
16 KiB
PHP
<?php
|
|
/**
|
|
* AgileBill - Open Billing Software
|
|
*
|
|
* This body of work is free software; you can redistribute it and/or
|
|
* modify it under the terms of the Open AgileBill License
|
|
* License as published at http://www.agileco.com/agilebill/license1-4.txt
|
|
*
|
|
* Originally authored by Tony Landis, AgileBill LLC
|
|
*
|
|
* Recent modifications by Deon George
|
|
*
|
|
* @author Deon George <deonATleenooksDOTnet>
|
|
* @copyright 2009 Deon George
|
|
* @link http://osb.leenooks.net
|
|
*
|
|
* @link http://www.agileco.com/
|
|
* @copyright 2004-2008 Agileco, LLC.
|
|
* @license http://www.agileco.com/agilebill/license1-4.txt
|
|
* @author Tony Landis <tony@agileco.com>
|
|
* @package AgileBill
|
|
* @subpackage Core
|
|
*/
|
|
|
|
/**
|
|
* The main AgileBill CORE Validation Class
|
|
*
|
|
* @package AgileBill
|
|
* @subpackage Core
|
|
*/
|
|
class CORE_validate {
|
|
# Store our VAR from the caller
|
|
private $VAR;
|
|
|
|
public function __construct($VAR=null,$module='') {
|
|
$this->VAR = $VAR;
|
|
$this->module = $module;
|
|
}
|
|
|
|
public function convert($field,$data,$type) {
|
|
switch($type) {
|
|
case 'date':
|
|
return $this->convert_date($data);
|
|
break;
|
|
|
|
case 'time':
|
|
return $this->convert_time($data);
|
|
break;
|
|
|
|
case 'date-time':
|
|
return $this->convert_date_time($data);
|
|
break;
|
|
|
|
case 'date-now':
|
|
return $this->convert_date_now();
|
|
break;
|
|
|
|
case 'md5':
|
|
return $this->convert_md5($data);
|
|
break;
|
|
|
|
case 'sha':
|
|
return $this->convert_sha($data);
|
|
break;
|
|
|
|
case 'rc5':
|
|
return $this->convert_rc5($data);
|
|
break;
|
|
|
|
case 'crypt':
|
|
return $this->convert_crypt($data);
|
|
break;
|
|
|
|
case 'encrypt':
|
|
return $this->convert_encrypt($data);
|
|
break;
|
|
|
|
case 'gpg':
|
|
return $this->convert_gpg($data);
|
|
break;
|
|
|
|
case 'pgp':
|
|
return $this->convert_pgp($data);
|
|
break;
|
|
|
|
case 'array':
|
|
return $this->convert_array($data);
|
|
break;
|
|
|
|
case 'html':
|
|
return $this->convert_html($data);
|
|
break;
|
|
}
|
|
}
|
|
|
|
# Convert DEFAULT_TIME_FORMT to unix time stamp
|
|
public function convert_time($data) {
|
|
return strtotime($data);
|
|
}
|
|
|
|
# Convert DEFAULT_DATE_FORMT to unix time stamp
|
|
public function convert_date($date,$format=UNIX_DATE_FORMAT) {
|
|
if ($date == '0' || $date == '')
|
|
return '';
|
|
|
|
$Arr_format = explode(DEFAULT_DATE_DIVIDER,$format);
|
|
$Arr_date = explode(DEFAULT_DATE_DIVIDER,$date);
|
|
|
|
for ($i=0; $i<3; $i++) {
|
|
if ($Arr_format[$i] == 'd')
|
|
$day = $Arr_date[$i];
|
|
|
|
if ($Arr_format[$i] == 'm')
|
|
$month = $Arr_date[$i];
|
|
|
|
if ($Arr_format[$i] == 'Y')
|
|
$year = $Arr_date[$i];
|
|
}
|
|
|
|
|
|
return mktime(0,0,0,$month,$day,$year);
|
|
}
|
|
|
|
# Convert DEFAULT_DATE_TIME_FORMT to unix time stamp
|
|
public function convert_date_time($date) {
|
|
if ($date == '0' || $date == '')
|
|
return '';
|
|
|
|
$Arr_format = explode(DEFAULT_DATE_DIVIDER,UNIX_DATE_FORMAT);
|
|
$Arr_date = explode(DEFAULT_DATE_DIVIDER,$date);
|
|
|
|
for ($i=0; $i<3; $i++) {
|
|
if ($Arr_format[$i] == 'd')
|
|
$day = $Arr_date[$i];
|
|
|
|
if ($Arr_format[$i] == 'm')
|
|
$month = $Arr_date[$i];
|
|
|
|
if ($Arr_format[$i] == 'Y')
|
|
$year = $Arr_date[$i];
|
|
}
|
|
|
|
if (empty($day))
|
|
$day = date('d');
|
|
if (empty($month))
|
|
$month = date('m');
|
|
if (empty($year))
|
|
$year = date('Y');
|
|
|
|
return mktime(date('H'),date('i'),date('s'),$month,$day,$year);
|
|
}
|
|
|
|
public function convert_date_now() {
|
|
return time();
|
|
}
|
|
|
|
public function convert_md5($data) {
|
|
if ($data != '')
|
|
return md5($data);
|
|
else
|
|
return '';
|
|
}
|
|
|
|
public function convert_rc5($data) {
|
|
if ($data != '')
|
|
return rc5($data);
|
|
else
|
|
return '';
|
|
}
|
|
|
|
public function convert_sha($data) {
|
|
if ($data != '')
|
|
return sha1($data);
|
|
else
|
|
return '';
|
|
}
|
|
|
|
public function convert_crypt($data) {
|
|
if ($data != '')
|
|
return crypt($data);
|
|
else
|
|
return '';
|
|
}
|
|
|
|
public function convert_encrypt($data) {
|
|
if ($data != '') {
|
|
include_once(PATH_CORE.'crypt.inc.php');
|
|
return CORE_encrypt($data);
|
|
|
|
} else
|
|
return '';
|
|
}
|
|
|
|
public function convert_gpg($data) {
|
|
if ($data != '')
|
|
return gpg($data);
|
|
else
|
|
return '';
|
|
}
|
|
|
|
public function convert_pgp($data) {
|
|
if ($data != '')
|
|
return pgp($data);
|
|
else
|
|
return '';
|
|
}
|
|
|
|
|
|
public function convert_array($data) {
|
|
if ($data != '')
|
|
return serialize($data);
|
|
else
|
|
return serialize(array());
|
|
}
|
|
|
|
public function convert_html($data) {
|
|
if ($data == '')
|
|
return '';
|
|
else
|
|
return htmlspecialchars($data);
|
|
}
|
|
|
|
public function validate($field,$arr,$data,$type) {
|
|
if (isset($arr['min_len']) && ($arr['min_len'] > 1)) {
|
|
global $C_translate;
|
|
|
|
if (strlen($data) < $arr['min_len']) {
|
|
$C_translate->value['CORE']['min_length'] = $arr['min_len'];
|
|
$this->error[$field] = $C_translate->translate('validate_min_length','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
if (isset($arr['max_len']) && ($arr['max_len'] > 1)) {
|
|
global $C_translate;
|
|
|
|
if (strlen($data) > $arr['max_len']) {
|
|
$C_translate->value['CORE']['max_length'] = $arr['max_len'];
|
|
$this->error[$field] = $C_translate->translate('validate_max_length','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
switch ($type) {
|
|
case 'email':
|
|
return $this->validate_email($data,$field);
|
|
break;
|
|
|
|
case 'date':
|
|
return $this->validate_date($data,$field);
|
|
break;
|
|
|
|
case 'time':
|
|
return $this->validate_time();
|
|
break;
|
|
|
|
case 'date-time':
|
|
return $this->validate_date_time();
|
|
break;
|
|
|
|
case 'address':
|
|
return $this->validate_address($data,$field);
|
|
break;
|
|
|
|
case 'zip':
|
|
return $this->validate_zip($data,$field);
|
|
break;
|
|
|
|
case 'phone':
|
|
return $this->validate_phone($data,$field);
|
|
break;
|
|
|
|
case 'cc':
|
|
return $this->validate_cc($data,$field,false,false);
|
|
break;
|
|
|
|
case 'check':
|
|
return $this->validate_check();
|
|
break;
|
|
|
|
case 'numeric':
|
|
return $this->validate_numeric($data,$field);
|
|
break;
|
|
|
|
case 'alphanumeric':
|
|
return $this->validate_alphanumeric($data,$field);
|
|
break;
|
|
|
|
case 'non_numeric':
|
|
return $this->validate_non_numeric($data,$field);
|
|
break;
|
|
|
|
case 'float':
|
|
return $this->validate_float($data,$field);
|
|
break;
|
|
|
|
case 'any':
|
|
return $this->validate_any($data,$field);
|
|
break;
|
|
|
|
case 'domain':
|
|
return $this->validate_domain($data,$field);
|
|
break;
|
|
|
|
case 'ip':
|
|
return $this->validate_ip($data,$field);
|
|
break;
|
|
|
|
case 'password':
|
|
return $this->validate_password($data,$field);
|
|
break;
|
|
}
|
|
}
|
|
|
|
public function validate_email($data,$field) {
|
|
if (preg_match('/^[a-zA-Z0-9\._-]+@+[a-z0-9\._-]+\.+[a-z]{2,4}$/',$data)) {
|
|
return true;
|
|
|
|
} else {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_email','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public function validate_ip($data,$field) {
|
|
$ip = $data;
|
|
$valid = true;
|
|
|
|
if (preg_match('/^((127)|(192)|(10).*)$/',$ip)) {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_ip','CORE','');
|
|
|
|
return false;
|
|
}
|
|
|
|
$ip = explode('.',$ip);
|
|
if (count($ip) != 4) {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_ip','CORE','');
|
|
|
|
return false;
|
|
}
|
|
|
|
foreach($ip as $block)
|
|
if (! is_numeric($block) || $block>255 || $block<1)
|
|
$valid = false;
|
|
|
|
if ($valid == false) {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_ip','CORE','');
|
|
|
|
return false;
|
|
|
|
} else
|
|
return true;
|
|
}
|
|
|
|
public function validate_domain($data,$field) {
|
|
if (! preg_match('#^[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+#i',$data)) {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_domain','CORE','');
|
|
|
|
return false;
|
|
|
|
} else
|
|
return true;
|
|
}
|
|
|
|
|
|
public function validate_date($data,$field) {
|
|
if ($data == '0' || $data == '') {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_date','CORE','');
|
|
|
|
return false;
|
|
}
|
|
|
|
$Arr_format = explode(DEFAULT_DATE_DIVIDER,UNIX_DATE_FORMAT);
|
|
$Arr_date = explode(DEFAULT_DATE_DIVIDER,$data);
|
|
|
|
if (! gettype($Arr_date) == 'array' || count($Arr_date) != 3) {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_date','CORE','');
|
|
|
|
return false;
|
|
}
|
|
|
|
for ($i=0; $i<3; $i++) {
|
|
if ($Arr_format[$i] == 'd')
|
|
$day = $Arr_date[$i];
|
|
|
|
if ($Arr_format[$i] == 'm')
|
|
$month = $Arr_date[$i];
|
|
|
|
if ($Arr_format[$i] == 'Y')
|
|
$year = $Arr_date[$i];
|
|
}
|
|
|
|
$timestamp = mktime(0,0,0,$month,$day,$year);
|
|
$check_ts = mktime(0,0,0,1,1,1979);
|
|
|
|
if ($timestamp >= $check_ts)
|
|
return true;
|
|
|
|
else {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_date','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public function validate_time() {
|
|
return true;
|
|
}
|
|
|
|
public function validate_date_time() {
|
|
return true;
|
|
}
|
|
|
|
public function validate_address($data,$field) {
|
|
if (@strlen($data) >= 2 && preg_match('/[0-9]{1,}/',$data) && preg_match('/[a-z]{1,}/',$data)) {
|
|
return true;
|
|
|
|
} else {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_address','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public function validate_zip($data,$field) {
|
|
if (@strlen($data) >= 4 && preg_match('/[0-9a-zA-Z-]{4,}/',$data))
|
|
return true;
|
|
|
|
else {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_zip','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public function validate_phone($data,$field) {
|
|
if (@strlen($data) > 9 && preg_match('/[0-9()-]{10,}/',$data))
|
|
return true;
|
|
|
|
else {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_phone','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public function validate_fax($data,$field) {
|
|
if (@strlen($data) > 9 && preg_match('/[0-9()-]{10,}/',$data))
|
|
return true;
|
|
|
|
else {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_fax','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public function validate_check() {
|
|
return true;
|
|
}
|
|
|
|
public function validate_numeric($data,$field) {
|
|
if (preg_match('/^[0-9]{1,}$/',$data))
|
|
return true;
|
|
|
|
else {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_numeric','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public function validate_alphanumeric($data,$field) {
|
|
if (preg_match('/^[0-9a-zA-Z-]{1,}$/',$data))
|
|
return true;
|
|
|
|
else {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_alphanumeric','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public function validate_non_numeric($data,$field) {
|
|
if (! preg_match('/[0-9]{1,}/',$data))
|
|
return true;
|
|
|
|
else {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_non_numeric','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public function validate_float($data,$field) {
|
|
if (preg_match('/^[0-9\.]{1,}$/',$data))
|
|
return true;
|
|
|
|
else {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_float','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public function validate_any($data,$field) {
|
|
if ($data != '')
|
|
return true;
|
|
|
|
else {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_any','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public function validate_unique($table,$field,$id,$value) {
|
|
if ($value == '')
|
|
return true;
|
|
|
|
$db = &DB();
|
|
|
|
# Quick check to see if we already have that value
|
|
$result = $db->Execute(sqlSelect($db,$table,$field,array('id'=>$id,$field=>$value)));
|
|
if ($result && $result->RecordCount())
|
|
return true;
|
|
|
|
$where = sprintf('%s=%s',$field,$db->qstr($value));
|
|
|
|
if ($id != '' && $id != 'record_id')
|
|
$where .= sprintf(' AND id !=%s',$db->qstr($id));
|
|
|
|
$result = $db->Execute(sqlSelect($db,$table,$field,$where));
|
|
|
|
if ($result === false) {
|
|
global $C_debug;
|
|
$C_debug->error('validate.inc.php','validate_unique',$db->ErrorMsg());
|
|
|
|
return false;
|
|
|
|
} else {
|
|
if ($result->RecordCount() == 0)
|
|
return true;
|
|
else
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public function validate_cc_exp($month,$year) {
|
|
if (preg_replace('/^0/','',$year) > preg_replace('/^0/','',date('y')))
|
|
return true;
|
|
elseif (preg_replace('/^0/','',$year) == preg_replace('/^0/','',date('y')) &&
|
|
preg_replace('/^0/','',$month) >= preg_replace('/^0/','',date('m')))
|
|
return true;
|
|
else
|
|
return false;
|
|
}
|
|
|
|
public function validate_cc($ccNum,$field,$card_type,$card_type_accepted_arr) {
|
|
$v_ccNum = false;
|
|
|
|
# VISA
|
|
if ($card_type == 'visa' || ! $card_type) {
|
|
if (preg_match('/^4[0-9]{12}([0-9]{3})?$/',$ccNum)) {
|
|
$v_ccNum = true;
|
|
$c_type = 'visa';
|
|
}
|
|
|
|
# MC
|
|
} else if ($card_type == 'mc' || ! $card_type) {
|
|
if (preg_match('/^5[1-5][0-9]{14}$/',$ccNum)) {
|
|
$v_ccNum = true;
|
|
$c_type = 'mc';
|
|
}
|
|
|
|
# AMEX
|
|
} else if ($card_type == 'amex' || ! $card_type) {
|
|
if (preg_match('^/3[47][0-9]{13}$/',$ccNum)) {
|
|
$v_ccNum = true;
|
|
$c_type = 'amex';
|
|
}
|
|
|
|
# DISCOVER
|
|
} else if ($card_type == 'discover' || ! $card_type) {
|
|
if (preg_match('^/6011[0-9]{12}/$',$ccNum)) {
|
|
$v_ccNum = true;
|
|
$c_type = 'discover';
|
|
}
|
|
|
|
# DELTA ?
|
|
} else if ($card_type == 'delta' || ! $card_type) {
|
|
if (preg_match('/^4(1373[3-7]|462[0-9]{2}|5397[8-9]|54313|5443[2-5]|54742|567(2[5-9]|3[0-9]|4[0-5])|658[3-7][0-9]|659(0[1-9]|[1-4][0-9]|50)|844(09|10)|909[6-7][0-9]|9218[1-2]|98824)[0-9]{10}$/')) {
|
|
$v_ccNum = true;
|
|
$c_type = 'delta';
|
|
}
|
|
|
|
# SOLO ?
|
|
} else if ($card_type == 'solo' || ! $card_type) {
|
|
if (preg_match('^/6(3(34[5-9][0-9])|767[0-9]{2})[0-9]{10}([0-9]{2,3})?$/')) {
|
|
$v_ccNum = true;
|
|
$c_type = 'solo';
|
|
}
|
|
|
|
# SWITCH ?
|
|
} else if ($card_type == 'switch' || ! $card_type) {
|
|
if (preg_match('^/49(03(0[2-9]|3[5-9])|11(0[1-2]|7[4-9]|8[1-2])|36[0-9]{2})[0-9]{10}([0-9]{2,3})?$/',$ccNum) ||
|
|
preg_match('^/564182[0-9]{10}([0-9]{2,3})?$/',$ccNum) ||
|
|
preg_match('^/6(3(33[0-4][0-9])|759[0-9]{2})[0-9]{10}([0-9]{2,3})?$/',$ccNum)) {
|
|
$v_ccNum = true;
|
|
$c_type = 'switch';
|
|
}
|
|
|
|
# JCB
|
|
} else if ($card_type == 'jcb' || ! $card_type) {
|
|
if (preg_match('^/(3[0-9]{4}|2131|1800)[0-9]{11}$/',$ccNum)) {
|
|
$v_ccNum = true;
|
|
$c_type = 'jcb';
|
|
}
|
|
|
|
# DINERS
|
|
} else if ($card_type == 'diners' || ! $card_type) {
|
|
if (preg_match('/^3(0[0-5]|[68][0-9])[0-9]{11}$/',$ccNum)) {
|
|
$v_ccNum = true;
|
|
$c_type = 'diners';
|
|
}
|
|
|
|
# CARTEBLANCHE
|
|
} else if ($card_type == 'carteblanche' || ! $card_type) {
|
|
if (preg_match('/^3(0[0-5]|[68][0-9])[0-9]{11}$/',$ccNum)) {
|
|
$v_ccNum = true;
|
|
$c_type = 'carteblanche';
|
|
}
|
|
|
|
# ENROUTE
|
|
} else if ($card_type == 'enroute' || ! $card_type) {
|
|
if (in_array(substr($ccNum,0,4),array('2014','2149')) && (strlen($ccNum) == 15)) {
|
|
$v_ccNum = true;
|
|
$c_type = 'enroute';
|
|
}
|
|
}
|
|
|
|
# Validate accepted card type
|
|
if ($card_type_accepted_arr != false & $v_ccNum) {
|
|
$v_ccNum = false;
|
|
|
|
for ($i=0; $i<count($card_type_accepted_arr); $i++)
|
|
if ($card_type_accepted_arr[$i] == $c_type)
|
|
$v_ccNum = true;
|
|
}
|
|
|
|
if ($v_ccNum)
|
|
return true;
|
|
|
|
else {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_cc','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Strong password validation
|
|
*/
|
|
public function validate_password($data,$field) {
|
|
# Force numbers and letters
|
|
if (! preg_match('/[0-9]{1,}/',$data) || ! preg_match('/[a-z]{1,}/',$data)) {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_password','CORE','');
|
|
|
|
return false;
|
|
}
|
|
|
|
$exclude = array();
|
|
|
|
# Values to exclude
|
|
foreach (array('email','username','first_name','last_name') as $var) {
|
|
$index = sprintf('%s_%s',$this->module,$var);
|
|
|
|
if (isset($this->VAR[$index]) && trim($this->VAR[$index]))
|
|
array_push($exclude,$this->VAR[$index]);
|
|
}
|
|
|
|
# Not in email eq to email
|
|
if (isset($this->VAR[$this->module.'_email']) && trim($this->VAR[$this->module.'_email'])) {
|
|
$e = explode('@',$this->VAR[$this->module.'_email']);
|
|
|
|
array_push($exclude,$e[0]);
|
|
}
|
|
|
|
# not eq to initials
|
|
if (isset($this->VAR[$this->module.'_first_name']) && trim($this->VAR[$this->module.'_first_name']) &&
|
|
isset($this->VAR[$this->module.'_last_name']) && trim($this->VAR[$this->module.'_last_name'])) {
|
|
|
|
array_push($exclude,sprintf('%s%s%s',
|
|
substr($this->VAR[$this->module.'_first_name'],0,1),
|
|
isset($this->VAR[$this->module.'_middle_name']) && trim($this->VAR[$this->module.'_middle_name']) ? substr($this->VAR[$this->module.'_middle_name'],0,1) : '',
|
|
substr($this->VAR[$this->module.'_last_name'],0,1)));
|
|
}
|
|
|
|
# Check against data
|
|
foreach($exclude as $bad_data) {
|
|
if (! empty($bad_data) && preg_match("/{$bad_data}/",$data)) {
|
|
global $C_translate;
|
|
$this->error[$field] = $C_translate->translate('validate_password','CORE','');
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
return true;
|
|
}
|
|
}
|
|
?>
|