| | |
|---|
| | | $this->errorMessage .= "Custom datasource class or function is empty<br />\r\n"; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | if(isset($field['filters']) && is_array($field['filters'])) { |
|---|
| | | $new_values = array(); |
|---|
| | | foreach($values as $index => $value) { |
|---|
| | | $new_index = $this->filterField($index, $index, $field['filters'], 'SHOW'); |
|---|
| | | $new_values[$new_index] = $this->filterField($index, (isset($values[$index]))?$values[$index]:'', $field['filters'], 'SHOW'); |
|---|
| | | } |
|---|
| | | $values = $new_values; |
|---|
| | | unset($new_values); |
|---|
| | | unset($new_index); |
|---|
| | | } |
|---|
| | | |
|---|
| | | return $values; |
|---|
| | | |
|---|
| | |
|---|
| | | if(isset($field['filters']) && is_array($field['filters'])) { |
|---|
| | | $record[$key] = $this->filterField($key, (isset($record[$key]))?$record[$key]:'', $field['filters'], 'SAVE'); |
|---|
| | | } |
|---|
| | | |
|---|
| | | //* Validate record value |
|---|
| | | if(isset($field['validators']) && is_array($field['validators'])) { |
|---|
| | | $this->validateField($key, (isset($record[$key]))?$record[$key]:'', $field['validators']); |
|---|
| | |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | case 'INTEGER': |
|---|
| | | $new_record[$key] = (isset($record[$key]))?$app->functions->intval($record[$key]):0; |
|---|
| | | $new_record[$key] = (isset($record[$key]))?$app->functions->intval($record[$key]):0; |
|---|
| | | //if($new_record[$key] != $record[$key]) $new_record[$key] = $field['default']; |
|---|
| | | //if($key == 'refresh') die($record[$key]); |
|---|
| | | break; |
|---|
| | |
|---|
| | | if($filter['event'] == $filter_event) { |
|---|
| | | switch ($filter['type']) { |
|---|
| | | case 'TOLOWER': |
|---|
| | | $returnval = strtolower($field_value); |
|---|
| | | $returnval = strtolower($returnval); |
|---|
| | | break; |
|---|
| | | case 'TOUPPER': |
|---|
| | | $returnval = strtoupper($field_value); |
|---|
| | | $returnval = strtoupper($returnval); |
|---|
| | | break; |
|---|
| | | case 'IDNTOASCII': |
|---|
| | | if(function_exists('idn_to_ascii')) { |
|---|
| | | $returnval = idn_to_ascii($field_value); |
|---|
| | | } else { |
|---|
| | | $returnval = $field_value; |
|---|
| | | } |
|---|
| | | $returnval = $app->functions->idn_encode($returnval); |
|---|
| | | break; |
|---|
| | | case 'IDNTOUTF8': |
|---|
| | | if(function_exists('idn_to_utf8')) { |
|---|
| | | $returnval = idn_to_utf8($field_value); |
|---|
| | | } else { |
|---|
| | | $returnval = $field_value; |
|---|
| | | } |
|---|
| | | $returnval = $app->functions->idn_decode($returnval); |
|---|
| | | break; |
|---|
| | | default: |
|---|
| | | $this->errorMessage .= "Unknown Filter: ".$filter['type']; |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | return $returnval; |
|---|
| | | return $returnval; |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | case 'UNIQUE': |
|---|
| | | if($this->action == 'NEW') { |
|---|
| | | if($validator['allowempty'] != 'y') $validator['allowempty'] = 'n'; |
|---|
| | | if($validator['allowempty'] == 'n' || ($validator['allowempty'] == 'y' && $field_value != '')){ |
|---|
| | | if($this->action == 'NEW') { |
|---|
| | | $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."'"); |
|---|
| | | if($num_rec["number"] > 0) { |
|---|
| | | $errmsg = $validator['errmsg']; |
|---|
| | |
|---|
| | | $this->errorMessage .= $errmsg."<br />\r\n"; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } else { |
|---|
| | | } else { |
|---|
| | | $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."' AND ".$this->formDef['db_table_idx']." != ".$this->primary_id); |
|---|
| | | if($num_rec["number"] > 0) { |
|---|
| | | $errmsg = $validator['errmsg']; |
|---|
| | |
|---|
| | | $this->errorMessage .= $errmsg."<br />\r\n"; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | case 'NOTEMPTY': |
|---|
| | | if(empty($field_value)) { |
|---|
| | |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | case 'ISINT': |
|---|
| | | if(function_exists('filter_var')) { |
|---|
| | | if(function_exists('filter_var') && $field_value < 2147483647) { |
|---|
| | | if($field_value != '' && filter_var($field_value, FILTER_VALIDATE_INT) === false) { |
|---|
| | | $errmsg = $validator['errmsg']; |
|---|
| | | if(isset($this->wordbook[$errmsg])) { |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | case 'ISV6PREFIX': |
|---|
| | | $v6_prefix_ok = 0; |
|---|
| | | $explode_field_value = explode(':',$field_value); |
|---|
| | | if ($explode_field_value[count($explode_field_value)-1]=='' && $explode_field_value[count($explode_field_value)-2]=='' ){ |
|---|
| | | if ( count($explode_field_value) <= 9 ) { |
|---|
| | | if(filter_var(substr($field_value,0,strlen($field_value)-2),FILTER_VALIDATE_IP,FILTER_FLAG_IPV6) or filter_var(substr($field_value,0,strlen($field_value)-2).'::0',FILTER_VALIDATE_IP,FILTER_FLAG_IPV6) or filter_var(substr($field_value,0,strlen($field_value)-2).':0',FILTER_VALIDATE_IP,FILTER_FLAG_IPV6) ) { |
|---|
| | | $v6_prefix_ok = 1; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } else { |
|---|
| | | $v6_prefix_ok = 2; |
|---|
| | | } |
|---|
| | | // check subnet against defined server-ipv6 |
|---|
| | | $sql_v6 = $app->db->queryOneRecord("SELECT ip_address FROM server_ip WHERE ip_type = 'IPv6' AND virtualhost = 'y' LIMIT 0,1"); |
|---|
| | | $sql_v6_explode=explode(':',$sql_v6['ip_address']); |
|---|
| | | if ( count($sql_v6_explode) < count($explode_field_value) && isset($sql_v6['ip_address']) ) { |
|---|
| | | $v6_prefix_ok = 3; |
|---|
| | | } |
|---|
| | | if($v6_prefix_ok == 0) { |
|---|
| | | $errmsg = $validator['errmsg']; |
|---|
| | | } |
|---|
| | | if($v6_prefix_ok == 2) { |
|---|
| | | $errmsg = 'IPv6 Prefix must end with ::'; |
|---|
| | | } |
|---|
| | | if($v6_prefix_ok == 3) { |
|---|
| | | $errmsg = 'IPv6 Prefix too long (according to Server IP Addresses)'; |
|---|
| | | } |
|---|
| | | if($v6_prefix_ok <> 1){ |
|---|
| | | $this->errorMessage .= $errmsg."<br />\r\n"; |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | case 'ISIPV4': |
|---|
| | | $vip=1; |
|---|
| | | if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){ |
|---|
| | |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | case 'ISIP': |
|---|
| | | //* Check if its a IPv4 or IPv6 address |
|---|
| | | if(function_exists('filter_var')) { |
|---|
| | | if(!filter_var($field_value,FILTER_VALIDATE_IP)) { |
|---|
| | | $errmsg = $validator['errmsg']; |
|---|
| | | if(isset($this->wordbook[$errmsg])) { |
|---|
| | | $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; |
|---|
| | | } else { |
|---|
| | | $this->errorMessage .= $errmsg."<br />\r\n"; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | if($validator['allowempty'] != 'y') $validator['allowempty'] = 'n'; |
|---|
| | | if($validator['allowempty'] == 'y' && $field_value == '') { |
|---|
| | | //* Do nothing |
|---|
| | | } else { |
|---|
| | | //* Check content with regex, if we use php < 5.2 |
|---|
| | | $ip_ok = 0; |
|---|
| | | if(preg_match("/^(\:\:([a-f0-9]{1,4}\:){0,6}?[a-f0-9]{0,4}|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){0,6}?\:\:|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){1,6}?\:\:([a-f0-9]{1,4}\:){1,6}?[a-f0-9]{1,4})(\/\d{1,3})?$/i", $field_value)){ |
|---|
| | | $ip_ok = 1; |
|---|
| | | //* Check if its a IPv4 or IPv6 address |
|---|
| | | if(isset($validator['separator']) && $validator['separator'] != '') { |
|---|
| | | //* When the field may contain several IP addresses, split them by the char defined as separator |
|---|
| | | $field_value_array = explode($validator['separator'],$field_value); |
|---|
| | | } else { |
|---|
| | | $field_value_array[] = $field_value; |
|---|
| | | } |
|---|
| | | if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){ |
|---|
| | | $ip_ok = 1; |
|---|
| | | } |
|---|
| | | if($ip_ok == 0) { |
|---|
| | | $errmsg = $validator['errmsg']; |
|---|
| | | if(isset($this->wordbook[$errmsg])) { |
|---|
| | | $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; |
|---|
| | | foreach($field_value_array as $field_value) { |
|---|
| | | if(function_exists('filter_var')) { |
|---|
| | | if(!filter_var($field_value,FILTER_VALIDATE_IP)) { |
|---|
| | | $errmsg = $validator['errmsg']; |
|---|
| | | if(isset($this->wordbook[$errmsg])) { |
|---|
| | | $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; |
|---|
| | | } else { |
|---|
| | | $this->errorMessage .= $errmsg."<br />\r\n"; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } else { |
|---|
| | | $this->errorMessage .= $errmsg."<br />\r\n"; |
|---|
| | | //* Check content with regex, if we use php < 5.2 |
|---|
| | | $ip_ok = 0; |
|---|
| | | if(preg_match("/^(\:\:([a-f0-9]{1,4}\:){0,6}?[a-f0-9]{0,4}|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){0,6}?\:\:|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){1,6}?\:\:([a-f0-9]{1,4}\:){1,6}?[a-f0-9]{1,4})(\/\d{1,3})?$/i", $field_value)){ |
|---|
| | | $ip_ok = 1; |
|---|
| | | } |
|---|
| | | if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){ |
|---|
| | | $ip_ok = 1; |
|---|
| | | } |
|---|
| | | if($ip_ok == 0) { |
|---|
| | | $errmsg = $validator['errmsg']; |
|---|
| | | if(isset($this->wordbook[$errmsg])) { |
|---|
| | | $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; |
|---|
| | | } else { |
|---|
| | | $this->errorMessage .= $errmsg."<br />\r\n"; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | |
|---|
| | | $record[$key] = $app->auth->crypt_password(stripslashes($record[$key])); |
|---|
| | | $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; |
|---|
| | | } elseif ($field['encryption'] == 'MYSQL') { |
|---|
| | | $sql_insert_val .= "PASSWORD('".$app->db->quote($record[$key])."'), "; |
|---|
| | | $tmp = $app->db->queryOneRecord("SELECT PASSWORD('".$app->db->quote(stripslashes($record[$key]))."') as `crypted`"); |
|---|
| | | $record[$key] = $tmp['crypted']; |
|---|
| | | $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; |
|---|
| | | } elseif ($field['encryption'] == 'CLEARTEXT') { |
|---|
| | | $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; |
|---|
| | | } else { |
|---|
| | |
|---|
| | | $record[$key] = $app->auth->crypt_password(stripslashes($record[$key])); |
|---|
| | | $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; |
|---|
| | | } elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') { |
|---|
| | | $sql_update .= "`$key` = PASSWORD('".$app->db->quote($record[$key])."'), "; |
|---|
| | | $tmp = $app->db->queryOneRecord("SELECT PASSWORD('".$app->db->quote(stripslashes($record[$key]))."') as `crypted`"); |
|---|
| | | $record[$key] = $tmp['crypted']; |
|---|
| | | $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; |
|---|
| | | } elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') { |
|---|
| | | $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; |
|---|
| | | } else { |
|---|
