solocla/ppeasy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Primo commit: trasferimento del progetto PPEasy

Browse Source
This commit is contained in:
Claudio
2024-09-18 10:30:50 +02:00
commit eb475f257e
4233 changed files with 1043848 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
webassist/form_validations/wavt_scripts_php.php
+909
View File
@@ -0,0 +1,909 @@
<?php
// version 2.02
/*
-----------------------------------------------------------------------------
- File Name:
- WAFV_Scripts_PHP.php
-
- Description:
- Shared functions for WA Form Validations - Server Side PHP
-
- This file contains proprietary and confidential information from WebAssist.com
- corporation. Any unauthorized reuse, reproduction, or modification without
- the prior written consent of WebAssist.com is strictly prohibited.
-
- Copyright 2004 WebAssist.com Corporation. All rights reserved.
-----------------------------------------------------------------------------
*/
function SaveFormToSession($theErrors, $valPage) {
$postVars = "";
$formVars = array_keys($_POST);
$loopInde = 0;
foreach ($formVars as $theKey) {
if (is_array($_POST[$theKey])) {
$toAdd = "";
for ($x=0; $x < count($_POST[$theKey]); $x++) {
if ($x != 0) {
$toAdd .= "&";
}
if(get_magic_quotes_gpc()){
$toAdd .= "WAVT_".($theKey)."[".$x."]=".( stripslashes( $_POST[$theKey][$x]) );
}
else{
$toAdd .= "WAVT_".($theKey)."[".$x."]=".($_POST[$theKey][$x]);
}
}
}
else{
if(get_magic_quotes_gpc()){
$toAdd = "WAVT_".($theKey)."=".( stripslashes( $_POST[$theKey] ) );
}
else{
$toAdd = "WAVT_".($theKey)."=".($_POST[$theKey]);
}
}
if ($loopInde != 0) {
$postVars .= "&";
}
$postVars .= $toAdd;
$loopInde++;
}
$postVars .= "&WAVT_".$valPage."_Errors=".substr($theErrors,1);
$_SESSION['WAVT_'.$valPage."_Errors"] = $postVars;
}
function PostResult($thePage, $theErrors, $valPage, $appendParams = true) {
$thePostURL = "";
SaveFormToSession($theErrors, $valPage);
if (isset($_GET["plugin_file"])) return;
$thePostURL .= $thePage;
$urlParams = "";
$schema = $_SERVER['SERVER_PORT'] == '443' ? 'https' : 'http';
$host = strlen($_SERVER['HTTP_HOST'])?$_SERVER['HTTP_HOST']:$_SERVER['SERVER_NAME'];
if (strpos($thePostURL,"://") === false) {
if (strpos($thePage,"/") !== 0) {
$thePostURL = substr($_SERVER["REQUEST_URI"],0,strrpos($_SERVER["REQUEST_URI"],"/")+1) . $thePostURL;
}
if (strpos($thePostURL,"?") !== false) {
$urlParams = substr($thePostURL,strpos($thePostURL,"?"));
$thePostURL = substr($thePostURL,0,strpos($thePostURL,"?"));
}
$thePostURL = $schema."://".str_replace("%2F","/",$host.rawurlencode($thePostURL)).$urlParams;
}
while (!(strpos($thePostURL,"/../") === false)) {
$thePostURL = substr($thePostURL, 0, strrpos(substr($thePostURL,0,strpos($thePostURL,"/../")),"/")+1).substr($thePostURL,strpos($thePostURL,"/../")+4);
}
if (strpos($thePage,"#") === false && $appendParams && isset($_SERVER['QUERY_STRING']) && ($_SERVER['QUERY_STRING'] != '')) {
if (strpos($thePostURL,"?") !== false) {
$thePostURL.= "&" . ($_SERVER['QUERY_STRING']);
} else {
$thePostURL.= "?" . ($_SERVER['QUERY_STRING']);
}
}
$thePostURL = str_replace("%23","#",$thePostURL);
header("Location: ". $thePostURL);
exit;
}
function WAtrimIt($theString,$leaveLeft,$leaveRight) {
if (!isset($leaveLeft) || $leaveLeft == 0) {
$theString = ltrim($theString);
}
if (!isset($leaveRight) || $leaveRight == 0) {
$theString = rtrim($theString);
}
return $theString;
}
function WAValidateAN($value,$allowUpper,$allowLower,$allowNumbers,$allowSpace,$extraChars,$required,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
for ($x=0; $x < strlen($value); $x++) {
$charGood = false;
$nextChar = substr($value,$x,1);
$charCode = ord(substr($value,$x,1));
if ($allowLower) {
if ($charCode >= 97 && $charCode <= 122) {
$charGood = true;
}
}
if ($allowUpper) {
if ($charCode >= 65 && $charCode <= 90) {
$charGood = true;
}
}
if ($allowNumbers) {
if ($charCode >= 48 && $charCode <= 57) {
$charGood = true;
}
}
if ($allowSpace) {
if ($nextChar == " ") {
$charGood = true;
}
}
if ($extraChars != "") {
if (strpos(str_replace("&quot;",'"',$extraChars),$nextChar) !== false) {
$charGood = true;
}
}
if (!$charGood) {
$isValid = false;
$x = strlen($value);
}
}
if ($required && $value == "") $isValid = false;
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WAValidateCC($value,$allow,$required,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
$accepted = "\r\n\t.- ";
if (!(!$required && $value == "")) {
$stripVal = "";
for ($x=0; $x < strlen($value); $x++) {
$charGood = false;
$nextChar = substr($value,$x,1);
$charCode = ord($nextChar);
if ($charCode >= 48 AND $charCode <= 57) {
$stripVal .= $nextChar;
} else {
if (strpos($accepted,$nextChar)==0) {
$isValid = false;
}
}
}
if (strlen($stripVal) < 13)
$isValid = false;
if ($isValid) {
if ($allow != "") {
$isValid = false;
$allow = explode(":",$allow);
foreach ($allow as $aStr) {
if ($aStr != "" && strpos($stripVal, $aStr) === 0) {
$isValid = true;
break;
}
}
}
}
if ($isValid) {
$isValid = WA_isCreditCard($stripVal);
}
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WA_isCreditCard($st) {
if ($st == 0)
return (false);
if (strlen($st) > 19)
return (false);
$sum = 0; $mul = 1; $l = strlen($st);
for ($i = 0; $i < $l; $i++) {
$digit = substr($st, $l-$i-1, 1);
$tproduct = $digit*$mul;
if ($tproduct >= 10)
$sum += ($tproduct % 10) + 1;
else
$sum += $tproduct;
if ($mul == 1)
$mul++;
else
$mul--;
}
if (($sum % 10) == 0)
return (true);
else
return (false);
}
function WAValidateDT($value,$doDate,$dateFormatStr,$dateMin,$dateMax,$doTime,$timeFormatStr,$timeMin,$timeMax,$required,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
$Now = getdate();
$Today = mktime(0, 0, 0, date("n"), date("j"), date("Y"));
if (!(!$required && $value=="")) {
if ($value=="") {
$isValid = false;
}
if ($doDate) {
if ($dateFormatStr != "") {
if (preg_match("/".$dateFormatStr."/i", $value)==0) {
$isValid = false;
}
}
if ($isValid) {
$dateVar = WAGetDateFormat($value, $dateFormatStr);
if (strtotime($dateVar) === 0 || $dateVar == -1 || is_numeric($value) || ((strpos($value, "/") == strrpos($value, "/") && strpos($value, "/") != false)) || ((strpos($value, "-") == strrpos($value, "-") && strpos($value, "-") != false)))
$isValid = false;
if ($dateMin != "") {
$compareDay = WAGetDateFormat($dateMin, $dateFormatStr);
if ($compareDay == -1) {
eval("\$compareDay = ".str_replace("&quot;",'"',$dateMin));
}
if ($dateVar < $compareDay)
$isValid = false;
}
if ($dateMax != "") {
$compareDay = WAGetDateFormat($dateMax, $dateFormatStr);
if ($compareDay == -1) {
eval("\$compareDay = ".str_replace("&quot;",'"',$dateMax));
}
if ($dateVar > $compareDay)
$isValid = false;
}
}
}
if ($doTime) {
$isValid = WAValidateTheTime($doTime, $timeFormatStr, $value, $isValid, $timeMin, $timeMax);
}
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WAValidateTheTime($doTime, $timeFormatStr, $value, $isValid, $timeMin, $timeMax) {
if ($doTime) {
if ($timeFormatStr != "") {
if (preg_match("/".$timeFormatStr."/i", $value)==0) {
$isValid = false;
}
}
if (strpos($value, ":")===false) {
$isValid = false;
}
if ($isValid) {
$dateVar = strtotime($value);
$fullYear = date("Y", $dateVar);
if ($dateVar == -1)
$dateVar = strtotime("1/1/1 ".$value);
if ($dateVar == -1)
$isValid = false;
if ($timeMin != "") {
$Today = strtotime("1/1/1 ".$timeMin);
if (!$Today == -1) {
$Today = eval(str_replace("&quot;",'"',$timeMin));
}
$enterTime = (date("H", $dateVar)*360) + (date("i", $dateVar)*60) + date("s", $dateVar);
$minTime = (date("H", $Today)*360) + (date("i", $Today)*60) + date("s", $Today);
if ($enterTime < $minTime)
$isValid = false;
}
if ($timeMax != "") {
$Today = strtotime("1/1/1 ".$timeMax);
if ($Today == -1) {
$Today = eval(str_replace("&quot;",'"',$timeMax));
}
$enterTime = ($dateVar["hours"]*360) + ($dateVar["minutes"]*60) + $dateVar["seconds"];
$minTime = ($Today["hours"]*360) + ($Today["minutes"]*60) + $Today["seconds"];
if ($enterTime > $minTime)
$isValid = false;
}
}
}
return $isValid;
}
function WAGetDateFormat($value, $dateFormat) {
$isUSServ = (date("n", strtotime("1/2/2006")) == 1);
$tValue = $value;
$isEuroDate = (($dateFormat && strpos($dateFormat, "[12]\\d|3[0-1]") < strpos($dateFormat, "1[0-2]|") && strpos($dateFormat, "\\w*") === false) || (!$isUSServ));
if (($isEuroDate && $isUSServ) || (!$isEuroDate && !$isUSServ)) {
$datePattn = "/(\\d*)[-\\.\\/](\\d*)[-\\.\\/](\d*)/";
preg_match($datePattn, $tValue, $tMatch);
if ($tMatch && sizeof($tMatch)) {
if ($isEuroDate) {
$value = $tMatch[2] . "/" . $tMatch[1] . "/" . $tMatch[3];
}
else {
$value = $tMatch[1] . "/" . $tMatch[2] . "/" . $tMatch[3];
}
if (strpos($tValue, " ") !== false) {
$value .= substr($tValue, strpos($tValue, " "));
}
}
}
return strtotime(preg_replace("/[\.-]/", "/", $value));
}
function WAValidateEM($value,$required,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
if (!(!$required && $value == "")) {
$knownDomsPat = "/^(com|net|org|edu|int|mil|gov|arpa|biz|aero|name|coop|info|pro|museum|cat|\w{2,2})$/";
$emailPat = "/^(.+)@(.+)$/";
$accepted = "[^\s\(\)><@,;:\\\"\.\[\]]+";
$quotedUser = "(\"[^\"]*\")";
$ipDomainPat = "/^\[(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\]$/";
$section = "(".$accepted."|".$quotedUser.")";
$userPat = "/^".$section."(\\.".$section.")*$/";
$domainPat = "/^".$accepted."(\\.".$accepted.")*$/";
$theMatch = preg_match($emailPat,$value,$MatchVal);
$acceptedPat = "/^" . $accepted . "$/";
$userName = "";
$domainName = "";
if (!$theMatch) {
$isValid = false;
}
else {
$userName = $MatchVal[1];
$domainName = $MatchVal[2];
$domArr = explode(".",$domainName);
$IPArray = preg_match($ipDomainPat,$domainName,$ipMatch);
for ($x=0; $x < strlen($userName); $x++) {
if ((ord(substr($userName,$x,1)) > 127 && ord(substr($userName,$x,1)) < 192) || ord(substr($userName,$x,1)) > 255) {
$isValid = false;
}
}
for ($x=0; $x < strlen($domainName); $x++) {
if ((ord(substr($domainName,$x,1)) > 127 && ord(substr($domainName,$x,1)) < 192) || ord(substr($domainName,$x,1)) > 255) {
$isValid = false;
}
}
if (!preg_match($userPat,$userName)) {
$isValid = false;
}
if ($IPArray) {
for ($x=1; $x <= 4; $x++) {
if ($IPArray[x] > 255) {
$isValid = false;
}
}
}
for ($x=0; $x<sizeof($domArr); $x++) {
if (!preg_match($acceptedPat,$domArr[$x]) || strlen($domArr[$x]) == 0 || (strlen($domArr[$x]) < 2 && $x >= (sizeof($domArr)-2) && $x > 0)) {
$isValid = false;
}
}
if (count($domArr) < 2) {
$isValid = false;
}
}
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WAValidateEL($value,$minLength,$maxLength,$required,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
if ($required && $value == "") $isValid = false;
if (!(!$required && $value == "")) {
if ((strlen($value) < $minLength) || (strlen($value) > $maxLength && $maxLength > 0)) {
$isValid = false;
}
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WAValidateFE($value,$extensions,$required,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
$extensions = str_replace(", ",",",$extensions);
$ExtensionArr = explode(",",$extensions);
if (!(!$required && $value == "")) {
$isValid = false;
if (strrpos($value,".") > 0) {
$value = substr($value, strrpos($value,"."));
foreach ($ExtensionArr as $extension) {
$extension = str_replace(" ","",$extension);
if (strtolower($value) == strtolower($extension)) {
$isValid = true;
break;
}
}
}
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WAValidateLE($value1,$value2,$required,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
if ($value1 != $value2 || ($required && $value1 == "")) {
$isValid = false;
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WAValidateNM($value,$minLength,$maxLength,$allowDecimals,$punctuationMarks,$required,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
$theCheck = (11/10);
$trueDecimal = substr($theCheck,1,1);
if (!$punctuationMarks) {
if ($trueDecimal == ".") {
$punctuationMarks =",.";
} else {
$punctuationMarks =".,";
}
}
$theThousand = substr($punctuationMarks,0,1);
$theDecimal = substr($punctuationMarks,1,1);
$startVal = $value;
$decimalIndex = strlen($value);
if (strrpos($punctuationMarks, $trueDecimal)===false && strrpos($value, $trueDecimal) !== false) {
$isValid = false;
}
$tempValue = $value;
if ($theDecimal && strpos($value, $theDecimal) !== false) {
if (strpos($value, $theDecimal) != strrpos($value, $theDecimal)) {
$isValid = false;
}
else {
$decimalIndex = strpos($value, $theDecimal);
$tempValue = substr($value, 0, $decimalIndex);
}
}
if ($theThousand && $isValid && strpos($tempValue, $theThousand) !== false) {
if (strpos($tempValue, $theThousand) > 3 || strpos($tempValue, $theThousand) == 0) {
$isValid = false;
}
else {
$valArr = explode($theThousand,$tempValue);
for ($v=1; $v < sizeof($valArr); $v++) {
if (strlen($valArr[$v]) != 3) {
$isValid = false;
break;
}
}
$tempValue = implode("",$valArr);
}
}
if ($isValid && strpos($value, $theDecimal) !== false) {
$tempValue = $tempValue . substr($value, strpos($value, $theDecimal));
}
$value = $tempValue;
if ($isValid && $trueDecimal != $theDecimal && strpos($value, $theDecimal) !== false) {
$value = substr($value,0,strpos($value, $theDecimal)) . $trueDecimal . substr($value,strpos($value, $theDecimal)+1);
}
if ($isValid && !(!$required && $value=="")) {
for ($x=0; $x < strlen($value); $x++) {
$theDigit = substr($value, $x, 1);
if (!is_numeric($theDigit) && $theDigit != " " && $theDigit != "," && $theDigit != "." && $theDigit != "-") {
$isValid = false;
break;
}
}
if ($value == "") {
$isValid = false;
}
if (!is_numeric($value)) {
$isValid = false;
}
else {
if (($minLength !== "" && $minLength > $value) || ($maxLength !== "" && $maxLength < $value)) {
$isValid = false;
} else {
if ($allowDecimals !== "") {
$decCheck = strpos($startVal,$theDecimal);
$decCheck += $allowDecimals;
$decCheck += 2;
if (strpos($startVal,$theDecimal)!==false && ($decCheck <= strlen($startVal) || $allowDecimals === 0)) {
$isValid = false;
}
}
}
}
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WAValidatePN($value,$areaCode,$international,$required,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
$allowed = "*() -./_+".Chr(10).Chr(8);
$newVal = "";
if (!(!$required AND $value == "")) {
for ($x=0; $x < strlen($value); $x++) {
$z = substr($value,$x,1);
if (($z >= "0") && ($z <= "9")) {
$newVal = $newVal.$z;
} else {
if (strpos($allowed,$z) === false) {
$isValid = false;
}
}
}
if ($international) {
if (strlen($newVal) < 5) {
$isValid = false;
}
} else {
if (strlen($newVal) == 11) {
if (substr($newVal,0,1) != "1") {
$isValid = false;
}
} else {
if ((strlen($newVal) != 10 && strlen($newVal) != 7) || (strlen($newVal)==7 && $areaCode)) {
$isValid = false;
}
}
}
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WAValidateRX($value,$regExStr,$required,$number) {
$value = $value;
$WAFV_ErrorMessage = "";
$isValid = true;
$regExStr = str_replace("&quot;", '"', $regExStr);
if (!(!$required && $value=="")) {
$theMatch = preg_match($regExStr, $value);
if (!$theMatch) {
$isValid = false;
}
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WAValidateRQ($value,$trimWhite,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
if ($trimWhite) {
$value = WAtrimIt($value,0,0);
}
if (!isset($value) || $value === "") {
$isValid = false;
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WAValidateRT($value,$notAllowed,$required,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
$augValue = " ".strtolower($value)." ";
$tempVal = $augValue;
if (!(!$required && $value=="")) {
$notAllowed = explode(", ", $notAllowed);
foreach ($notAllowed AS $x) {
if ($x != "") {
$notAllowedInfo = explode("|", $x);
$notAllowedInfo[0] = str_replace ("&quot;", "\"", $notAllowedInfo[0]);
$notAllowedInfo[1] = str_replace ("&quot;", "\"", $notAllowedInfo[1]);
if (!(strpos($tempVal, strtolower($notAllowedInfo[0]))===false)) {
$isValid = false;
break;
}
}
}
}
if ($required && $value=="")
$isValid = false;
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WAValidateSS($value,$required,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
$allowed = "*() -./_\n\r+";
if (!(!$required && $value=="")) {
$newVal = "";
for ($x=0; $x < strlen($value); $x++) {
$z = substr($value, $x, 1);
if (($z >= "0") && ($z <= "9")) {
$newVal .= $z;
}
else {
if (strpos($allowed, $z) < 0) {
$isValid = false;
}
}
}
if (strlen($newVal) != 9) {
$isValid = false;
}
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WAValidateUnique($connName,$conn,$db,$tableName,$keyCol,$keyType,$keyValue,$filterCol,$filterType,$filterValue,$required,$number) {
$WAFV_ErrorMessage = ( ($required) ? WAValidateRQ($filterValue, true, $number) : "" );
if (!$WAFV_ErrorMessage) {
$isValid = true;
$WA_UniqueWhere = Validations_generateWhereClause(array($filterCol, $keyCol), array($filterType, $keyType), array($filterValue, $keyValue), array("=", "<>"));
$WA_UniqueSQL = "SELECT `".$keyCol."` FROM `".$tableName."` WHERE ".$WA_UniqueWhere->sqlWhereClause;
if (is_object($conn) && get_class($conn) == "mysqli") {
$WA_UniqueRS = mysqli_query($conn, $WA_UniqueSQL) or die(mysqli_error());
if ($WA_UniqueRS->num_rows > 0) {
$isValid = false;
}
} else {
mysql_select_db($db, $conn);
$WA_UniqueRS = mysql_query($WA_UniqueSQL, $conn) or die(mysql_error());
$WA_UniqueRows = mysql_num_rows($WA_UniqueRS);
if ($WA_UniqueRows) {
$isValid = false;
}
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
}
return $WAFV_ErrorMessage;
}
if (!function_exists("Validations_generateWhereClause")) {
class Validations_WhereClause {
var $sqlWhereClause;
function __construct($sqlWhereClause = "") {
$this->sqlWhereClause = $sqlWhereClause;
}
}
function Validations_generateWhereClause($fieldNameList, $columnTypeList, $fieldValueList, $comparisonList)
{
$obj = new Validations_WhereClause();
for ($i = 0; $i < sizeof($fieldNameList); $i++) {
$formVal = $fieldValueList[$i];
$WA_typesArray = explode(",", $columnTypeList[$i]);
$delim = ($WA_typesArray[0] != "none") ? $WA_typesArray[0] : "";
$altVal = ($WA_typesArray[1] != "none") ? $WA_typesArray[1] : "";
$emptyVal = ($WA_typesArray[2] != "none") ? $WA_typesArray[2] : "";
if ($formVal == "" || $formVal == "undefined") {
$formVal = $emptyVal;
} else {
if ($altVal != "") {
$formVal = $altVal;
} else if ($delim == "'") { // escape quotes
$formVal = "'".((!(preg_match("/(^|[^\\\\])'/", $formVal))) ? $formVal : addslashes($formVal));
if ($comparisonList[$i] == " LIKE ") $formVal .= "%";;
$formVal .= "'";
} else if ($delim == "") {
//numeric
if (is_numeric($formVal)) {
$formVal = "".floatval($formVal);
}
else {
$formVal = "0";
}
} else {
$formVal = $delim.Validations_clearOutSQLKeywords($formVal).$delim;
}
}
if (!($delim == "" && strpos($formVal,"()")>0)) {
if ($formVal == "NULL") {
$obj->sqlWhereClause .= (($i != 0) ? " AND " : "")."`". Validations_cleanUpColumnName($fieldNameList[$i])."`"." IS " .(($comparisonList[$i] == '<>')?"NOT ":"") .$formVal;
}
else {
$obj->sqlWhereClause .= (($i != 0) ? " AND " : "")."`". Validations_cleanUpColumnName($fieldNameList[$i])."`".Validations_cleanUpEquality($comparisonList[$i]).$formVal;
}
}
}
return $obj;
}
function Validations_cleanUpColumnName($colName) {
if (strpos($colName, ";") !== false) {
$colName = substr($colName, 0, strpos($colName, ";"));
}
if (strpos($colName, "(") !== false) {
$colName = substr($colName, 0, strpos($colName, "("));
}
if (strpos($colName, "=") !== false) {
$colName = substr($colName, 0, strpos($colName, "="));
}
return $colName;
}
function Validations_cleanUpEquality($tEquality) {
if (preg_replace('/^\\s*|\\s*$/', "", $tEquality) != "=") {
return Validations_cleanUpColumnName($tEquality);
}
return $tEquality;
}
function Validations_clearOutSQLKeywords($tString) {
if (strpos(strtolower($tString), "select") !== false) {
return "";
}
if (strpos(strtolower($tString), "drop") !== false) {
return "";
}
if (strpos(strtolower($tString), "alter") !== false) {
return "";
}
if (strpos(strtolower($tString), "create") !== false) {
return "";
}
if (strpos(strtolower($tString), "update") !== false) {
return "";
}
if (strpos(strtolower($tString), "insert") !== false) {
return "";
}
if (strpos(strtolower($tString), "delete") !== false) {
return "";
}
if (strpos(strtolower($tString), "'") !== false) {
return "";
}
if (strpos(strtolower($tString), "#") !== false) {
return "";
}
return $tString;
}
}
function WAValidateUR($value,$force,$required,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
$valURL = $value;
if (!strpos($valURL, "://")===false) {
$valURL = substr($valURL, strpos($valURL, "://")+3);
}
if (strpos($valURL, "?")>0) {
$valURL = substr($valURL, 0,strpos($valURL, "?"));
}
if (!(!$required && preg_replace("/\s/", "", $valURL)=="")) {
if (strtolower($force) == "none") {
if (strpos($value, "://")!==false)
$isValid = false;
}
if (strpos($value, "?") != strrpos($value, "?") || !strpos($value, " ") === false) {
$isValid = false;
}
if ($isValid) {
if (!strpos($valURL, ";") === false || !strpos($valURL, "&") === false || !strpos($valURL, "=") === false || !strpos($valURL, ",") === false) {
$isValid = false;
}
}
if (strtolower($force) != "false" && strtolower($force) != "none" && $isValid) {
$force = preg_replace("/\\s*,\\s*/", ",", $force);
$force = explode(",", $force);
$isValid = false;
foreach ($force as $x) {
if (strpos(strtolower($value), strtolower($x))===0) {
$isValid = true;
break;
}
}
}
if ($isValid && strpos($valURL, ".") < 1)
$isValid = false;
if ($isValid) {
$tDomain = $valURL;
if (strpos($tDomain, ":") !== false) {
$tDomain = substr($tDomain, 0, strpos($tDomain, ":"));
$tPort = substr($valURL, strlen($tDomain)+1);
if (strpos($tDomain, "/") !== false) {
$isValid = false;
}
else {
if (strpos($tPort, "/") !== false) {
$tPort = substr($tPort, 0, strpos($tPort, "/"));
}
if (!is_numeric($tPort) && $tPort !== "") {
$isValid = false;
}
}
}
if ($isValid && strpos($tDomain, "/") !== false) {
$tDomain = substr($tDomain, 0, strpos($tDomain, "/"));
}
if ($isValid) {
$tDomainA = explode(".", $tDomain);
if (sizeof($tDomainA) < 2) {
$isValid = false;
}
else {
$ipMatch = "/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/";
if (preg_match($ipMatch,$tDomain)) {
if ($tDomainA[0] > 255 || $tDomainA[1] > 255 || $tDomainA[2] > 255 || $tDomainA[3] > 255) {
$isValid = false;
}
}
else {
if (strlen($tDomainA[sizeof($tDomainA)-1]) < 2 || strlen($tDomainA[sizeof($tDomainA)-2]) < 2) {
$isValid = false;
}
}
}
}
}
}
if ($isValid && $required && preg_replace("/\s/", "", $valURL)=="")
$isValid = false;
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
function WAValidateZC($value,$us5,$us9,$can6,$uk,$required,$number) {
$WAFV_ErrorMessage = "";
$isValid = true;
$allowed = "() -.\n\r";
$charVal = "";
if (!(!$required && $value=="")) {
$newVal = "";
$hasLetters = false;
for ($x=0; $x < strlen($value); $x++) {
$z = substr($value, $x, 1);
if (($z >= "0") && ($z <= "9")) {
$newVal .= $z;
$charVal .= "N";
}
else if (($uk || $can6) && ((($z >= "a") && ($z <= "z")) || (($z >= "A") && ($z <= "Z")))) {
$charVal .= "A";
$hasLetters = true;
}
else if (strpos($allowed, $z) < 0 || $x == 0 || $x == strlen($value)-1) {
$isValid = false;
}
}
$acceptPattern = ",";
if ($us5) {
$acceptPattern .= "NNNNN,";
}
if ($us9) {
$acceptPattern .= "NNNNNNNNN,";
}
if ($uk) {
$acceptPattern .= "ANNAA,ANNNAA,AANNAA,AANNNAA,ANANAA,AANANAA,";
}
if ($can6) {
$acceptPattern .= "ANANAN,";
}
if (strpos($acceptPattern,",".$charVal.",") === false)
$isValid = false;
if ($isValid && !$hasLetters && ($us5 || $us9)) {
if ($us5) {
$isValid = preg_match('/^\d{5}$/', $value);
}
if ($us9 && (($us5 && !$isValid) || !$us5)) {
$isValid = (preg_match('/^\d{5}[-\. ]\d{4}$/', $value) || preg_match('/^\d{9}$/', $value));
}
}
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}
?>
webassist/form_validations/wavt_validatedform_php.php
+31
View File
@@ -0,0 +1,31 @@
<?php
@session_start();
function ValidatedField($page,$field,$encoded=true) {
$theFields= "";
$retVal = "";
if (isset($_SESSION["WAVT_".$page."_Errors"])) {
$theFields = "&".$_SESSION["WAVT_".$page."_Errors"];
}
if (strpos($theFields,"&WAVT_".$field."=") !== false) {
$retVal = substr($theFields,strpos($theFields,"&WAVT_".$field."=")+strlen("&WAVT_".$field."="));
} else if (strpos($theFields,"&WAVT_".$field."[0]=") !== false) {
$retVal = array();
$arrIndex = 0;
while (strpos($theFields,"&WAVT_".$field."[".$arrIndex."]=") !== false) {
$arrVal = substr($theFields,strpos($theFields,"&WAVT_".$field."[".$arrIndex."]=")+strlen("&WAVT_".$field."[".$arrIndex."]="));
if (strpos($arrVal,"&WAVT_") !== false) $arrVal = substr($arrVal,0,strpos($arrVal,"&WAVT_"));
$retVal[] = htmlspecialchars($arrVal);
$arrIndex++;
}
return $retVal;
}
if (strpos($retVal,"&WAVT_") !== false) {
$retVal = substr($retVal,0,strpos($retVal,"&WAVT_"));
}
if ($retVal == "" && $page == $field) {
$retVal = ValidatedField($page,$field."_Errors");
}
if ($encoded) $retVal = htmlspecialchars($retVal);
return $retVal;
}
?>