source: trunk/lib/Validator.inc.php @ 457

<?php
/**
 * The Strangecode Codebase - a general application development framework for PHP
 * For details visit the project site: <http://trac.strangecode.com/codebase/>
 * Copyright 2001-2012 Strangecode, LLC
 *
 * This file is part of The Strangecode Codebase.
 *
 * The Strangecode Codebase is free software: you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as published by the
 * Free Software Foundation, either version 3 of the License, or (at your option)
 * any later version.
 *
 * The Strangecode Codebase is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
 * details.
 *
 * You should have received a copy of the GNU General Public License along with
 * The Strangecode Codebase. If not, see <http://www.gnu.org/licenses/>.
 */

/**
 * Validator.inc.php
 *
 * The Validator class provides a methods for validating input against different criteria.
 * All functions return true if the input passes the test.
 *
 * @author    Quinn Comendant <quinn@strangecode.com>
 * @version   1.0
 */

// Known credit card types.
define('CC_TYPE_VISA', 1);
define('CC_TYPE_MASTERCARD', 2);
define('CC_TYPE_AMEX', 3);
define('CC_TYPE_DISCOVER', 4);
define('CC_TYPE_DINERS', 5);
define('CC_TYPE_JCB', 6);

// validateEmail return types.
define('VALIDATE_EMAIL_SUCCESS', 0);
define('VALIDATE_EMAIL_REGEX_FAIL', 1);
define('VALIDATE_EMAIL_LENGTH_FAIL', 2);
define('VALIDATE_EMAIL_MX_FAIL', 3);

class Validator {

    /**
     * Ensures a value is empty.
     *
     * @param  string $val The input data to validate.
     * @return bool   true if form is not empty, false otherwise.
     */
    function notEmpty($val)
    {
        return '' != trim((string)$val);
    }

    /**
     * Ensures a value is blank.
     *
     * @param  string $val The input data to validate.
     * @return bool   true if form is empty, false otherwise.
     */
    function isEmpty($val)
    {
        return '' == trim((string)$val);
    }

    /**
     * Check whether input is a string.
     *
     * @param  string $val The input data to validate.
     * @return bool   true if form is a string, false otherwise.
     */
    function isString($val)
    {
        return '' == trim((string)$val) || is_string($val);
    }

    /**
     * Check whether input is a number. Allows negative numbers.
     *
     * @param  string $val The input data to validate.
     * @return bool   True if no errors found, false otherwise.
     */
    function isNumber($val)
    {
        return '' == trim((string)$val) || is_numeric($val);
    }

    /**
     * addError if input is NOT an integer. Don't just use is_int() because the
     * data coming from the user is *really* a string.
     *
     * @param  string $val The input data to validate.
     * @return bool   true if value is an integer
     */
    function isInteger($val, $negative_ok=false)
    {
        $pattern = $negative_ok ? '/^-?[[:digit:]]+$/' : '/^[[:digit:]]+$/';
        return '' == trim((string)$val) || (is_numeric($val) && preg_match($pattern, $val));
    }

    /**
     * Check whether input is a float. Don't just use is_float() because the
     * data coming from the user is *really* a string. Integers will also
     * pass this test.
     *
     * @param  string $val The input data to validate.
     * @return bool   true if value is a float
     */
    function isFloat($val, $negative_ok=false)
    {
        $pattern = $negative_ok ? '/^-?[[:digit:]]*(?:\.?[[:digit:]]+)$/' : '/^[[:digit:]]*(?:\.?[[:digit:]]+)$/';
        return '' == trim((string)$val) || (is_numeric($val) && preg_match($pattern, $val));
    }

    /**
     * Check whether input is an array.
     *
     * @param  string $val The input data to validate.
     * @return bool   true if value is a float
     */
    function isArray($val)
    {
        return (is_string($val) && '' == trim((string)$val)) || is_array($val);
    }

    /**
     * Check whether input matches the specified perl regular expression
     * pattern.
     *
     * @param  string $val The input data to validate.
     * @param  int    $regex            PREG that the string must match
     * @param  bool   $valid_on_match   Set to true to be valid if match, or false to be valid if the match fails.
     * @return bool   true if value passes regex test
     */
    function checkRegex($val, $regex, $valid_on_match=true)
    {
        return $valid_on_match ? preg_match($regex, $val) : !preg_match($regex, $val);
    }

    /**
     * Tests if the string length is between specified values. Whitespace excluded for min.
     *
     * @param  string $val The input data to validate.
     * @param  int    $min       minimum length of string, inclusive
     * @param  int    $max       maximum length of string, inclusive
     * @return bool   true if string length is within given boundaries
     */
    function stringLength($val, $min, $max)
    {
        return mb_strlen(trim((string)$val)) >= $min && mb_strlen($val) <= $max;
    }

    /**
     * Check whether input is within a valid numeric range.
     *
     * @param  string $val The input data to validate.
     * @param  int    $min       minimum value of number, inclusive
     * @param  int    $max       maximum value of number, inclusive
     * @return bool   True if no errors found, false otherwise.
     */
    function numericRange($val, $min, $max)
    {
        return '' == trim((string)$val) || (is_numeric($val) && $val >= $min && $val <= $max);
    }

    /**
     * Validates an email address based on the recommendations in RFC 3696.
     * Is more loose than restrictive, to allow the many valid variants of
     * email addresses while catching the most common mistakes.
     * http://www.faqs.org/rfcs/rfc822.html
     * http://www.faqs.org/rfcs/rfc2822.html
     * http://www.faqs.org/rfcs/rfc3696.html
     * http://www.faqs.org/rfcs/rfc1035.html
     *
     * @access  public
     * @param   string  $val    The input data to validate..
     * @return  const           One of the constant values: VALIDATE_EMAIL_SUCCESS|VALIDATE_EMAIL_REGEX_FAIL|VALIDATE_EMAIL_LENGTH_FAIL|VALIDATE_EMAIL_MX_FAIL
     * @author  Quinn Comendant <quinn@strangecode.com>
     */
    function validateEmail($val)
    {
        require_once 'codebase/lib/Email.inc.php';
        $e = new Email();

        // Test email address format.
        if (!preg_match($e->getParam('regex'), $val, $e_parts)) {
            return VALIDATE_EMAIL_REGEX_FAIL;
        }

        // We have a match! Here are the captured subpatterns, on which further tests are run.
        // The part before the @.
        $local = $e_parts[2];

        // The part after the @.
        // If domain is an IP [XXX.XXX.XXX.XXX] strip off the brackets.
        $domain = $e_parts[3]{0} == '[' ? mb_substr($e_parts[3], 1, -1) : $e_parts[3];

        // Test length.
        if (mb_strlen($local) > 64 || mb_strlen($domain) > 191) {
            return VALIDATE_EMAIL_LENGTH_FAIL;
        }

        // Check domain exists: It's a domain if ip2long fails; Checkdnsrr ensures a MX record exists; Gethostbyname() ensures the domain exists.
        // Compare ip2long twice for php4 backwards compat.
        if ((ip2long($domain) == '-1' || ip2long($domain) === false) && function_exists('checkdnsrr') && !checkdnsrr($domain . '.', 'MX') && gethostbyname($domain) == $domain) {
            // FIXME: Do we care?
            // return VALIDATE_EMAIL_MX_FAIL;
        }

        return VALIDATE_EMAIL_SUCCESS;
    }

    /**
     * Verifies that date can be processed by the strtotime function.
     *
     * @param  string  $val The input data to validate.
     * @return bool    True if no errors found, false otherwise.
     */
    function validateStrDate($val)
    {
        $app =& App::getInstance();

        if (is_string($val) && '' === trim($val)) {
            // Don't be too bothered about empty strings.
            return true;
        }

        $timestamp = strtotime($val);
        if (!$timestamp || $timestamp < 1) {
            return false;
        } else {
            return true;
        }
    }

    /**
     * Verifies credit card number using the Luhn (mod 10) algorithm.
     * http://en.wikipedia.org/wiki/Luhn_algorithm
     *
     * @param  string  $val   The input data to validate..
     * @param  string  $cc_num      Card number to verify.
     * @param  string  $cc_type     Optional, card type to do specific checks.
     * @return bool    True if no errors found, false otherwise.
     */
     function validateCCNumber($val, $cc_type=null)
     {
         // Get rid of any non-digits
         $cc_num = preg_replace('/[^\d]/', '', $val);

         // Perform card-specific checks, if applicable
         switch ($cc_type) {
             case CC_TYPE_VISA :
                 $regex = '/^4\d{15}$|^4\d{12}$/';
                 break;
             case CC_TYPE_MASTERCARD :
                 $regex = '/^5[1-5]\d{14}$/';
                 break;
             case CC_TYPE_AMEX :
                 $regex = '/^3[47]\d{13}$/';
                 break;
             case CC_TYPE_DISCOVER :
                 $regex = '/^6011\d{12}$/';
                 break;
             case CC_TYPE_DINERS :
                 $regex = '/^30[0-5]\d{11}$|^3[68]\d{12}$/';
                 break;
             case CC_TYPE_JCB :
                 $regex = '/^3\d{15}$|^2131|1800\d{11}$/';
                 break;
             default :
                 $regex = '';
                 break;
         }

         if ('' != $regex && !preg_match($regex, $cc_num)) {
             // Invalid format.
             return false;
         }

         // The Luhn formula works right to left, so reverse the number.
         $cc_num = strrev($cc_num);

         $luhn_total = 0;

         $num = mb_strlen($cc_num);
         for ($i=0; $i<$num; $i++) {
             // Get each digit.
             $digit = mb_substr($cc_num, $i, 1);

             //  If it's an odd digit, double it.
             if ($i / 2 != floor($i / 2)) {
                 $digit *= 2;
             }

             //  If the result is two digits, add them.
             if (mb_strlen($digit) == 2) {
                 $digit = mb_substr($digit, 0, 1) + mb_substr($digit, 1, 1);
             }

             //  Add the current digit to the $luhn_total.
             $luhn_total += $digit;
         }

         // If the Total is evenly divisible by 10, it's cool!
         return $luhn_total % 10 == 0;
     }

    /**
     * Check whether a file was selected for uploading. If file is missing, it's an error.
     *
     * @param  string $form_name The input data to validate.
     * @return bool   True if no errors found, false otherwise.
     */
    function fileUploaded($form_name)
    {
        if (!isset($_FILES[$form_name]['name']) || empty($_FILES[$form_name]['name'])) {
            return false;
        }

        if (is_array($_FILES[$form_name]['name'])) {
            foreach($_FILES[$form_name]['name'] as $f) {
                if ('' == $f) {
                    return false;
                }
            }
        } else {
            if ('' == $_FILES[$form_name]['name']) {
                return false;
            }
        }

        return true;
    }

} // THE END

?>