Beispiel #1
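 /**
  * Checks the value of the property named by $param against a validator.
  *
  * Understood $type values:
  *  - 'regex': $validator is a PCRE pattern handed to preg_match().
  *  - 'func' or 'function': $validator is a callable that receives only
  *    the value and returns a boolean.
  *  - 'type': $validator is the suffix of an is_*() function (int,
  *    numeric, string, etc.).
  *  - 'rule': $validator is a MailForm rule evaluated on the value.
  *
  * On failure the reason is left in $this->error; it is reset to an empty
  * string at the start of every call.
  *
  * Security: $validator decides which function is invoked ('func',
  * 'type') or which pattern is compiled ('regex'). It must come from a
  * trusted form definition and never from request data.
  * 
  * @access	public
  * @param	string	$param
  * @param	string	$type
  * @param	string	$validator
  * @return	boolean
  * 
  */
 function verify($param, $type, $validator)
 {
     $this->error = '';

     // Strict comparisons throughout: before PHP 8 a loose 0 == 'regex' is
     // true, so a non-string $type could be routed into the wrong branch.
     if ($type === 'regex') {
         if (preg_match($validator, $this->{$param})) {
             return true;
         }
         $this->error = 'Regex validator did not match value';
         return false;
     }

     if ($type === 'func' || $type === 'function') {
         // An unresolvable callback makes call_user_func() throw on PHP 8;
         // report it as an ordinary validation failure instead.
         if (is_callable($validator) && call_user_func($validator, $this->{$param})) {
             return true;
         }
         $this->error = 'Validator did not return true';
         return false;
     }

     if ($type === 'type') {
         // function_exists() accepts plain function names only, so a
         // crafted suffix cannot resolve to a static method ("is_X::y"),
         // and an unknown type name fails cleanly.
         $checker = is_string($validator) ? 'is_' . $validator : '';
         if ($checker !== '' && function_exists($checker) && call_user_func($checker, $this->{$param})) {
             return true;
         }
         $this->error = 'Type validator did not return true';
         return false;
     }

     if ($type === 'rule') {
         loader_import('saf.MailForm.Rule');
         $rule = new MailFormRule($validator, $param);
         if ($rule->validate($this->{$param}, array(), $this)) {
             return true;
         }
         $this->error = 'Rule validator did not return true';
         return false;
     }

     $this->error = 'Unknown validation type';
     return false;
 }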
Beispiel #2
 /**
  * Executes the specified box using the Sitellite box API, which is
  * essentially an include of a PHP file chosen from $name, and returns
  * the output that file produced.
  *
  * Steps, in order: access check, HTTPS/HTTP enforcement, resolution of
  * the app and file from $name, loading of app configuration, automatic
  * input validation from the box settings, the include itself, and
  * post-processing of the captured output through boxRewrite().
  *
  * Security notes for reviewers:
  *  - $name becomes part of the path passed to include. Nothing in this
  *    function rejects '..' segments; that is presumably left to
  *    boxAllowed(), getApp() and removeApp() -- confirm before passing a
  *    request-derived name.
  *  - The included file runs in this function's scope, so it can read
  *    and overwrite every local variable here ($box, $parameters,
  *    $context, $name, $file, $app, ...). Renaming locals changes what
  *    box files see.
  *  - Several paths end the request with exit or die() rather than
  *    returning.
  * 
  * @access	public
  * @param	string	$name        box name, optionally prefixed with an app
  * @param	array	$parameters  associative array exposed to the box as $parameters
  * @param	string	$context     passed to boxAllowed() and stored in $box['context']
  * @return	string	captured box output, '' when access is denied, or
  *                 the result of the configured error handler
  * 
  */
 function box($name, $parameters = array(), $context = 'normal')
 {
     // boxAccess is reset to false at the end of every call, so the access
     // check runs unless something set it to an array beforehand.
     if (!is_array($this->boxAccess)) {
         if (!$this->boxAllowed($name, $context)) {
             return '';
         }
     }
     // Transport enforcement: a truthy sitellite_secure requires HTTPS, an
     // empty-string value sends an HTTPS request back to HTTP.
     if (isset($this->boxAccess['sitellite_secure']) && $this->boxAccess['sitellite_secure']) {
         if (site_secure()) {
             if (!cgi_is_https()) {
                 cgi_force_https();
             }
         } else {
             die('The requested box requires an SSL connection, but Sitellite does not have SSL enabled.');
         }
     } elseif (isset($this->boxAccess['sitellite_secure']) && $this->boxAccess['sitellite_secure'] === '') {
         if (cgi_is_https()) {
             cgi_force_http();
         }
     }
     // Split the app off the box name and push it on the app stack; every
     // return path below pops it again.
     $app = $this->getApp($name);
     $name = $this->removeApp($name, $app);
     $this->apps[] = $app;
     //echo 'App: ' . $app . ', Box: ' . $name . '<br />'; exit;
     // With sitellite_fname set and $name not naming a directory, the last
     // path segment is the file to include; otherwise the file is 'index'.
     if (isset($this->boxAccess['sitellite_fname']) && $this->boxAccess['sitellite_fname'] && !@is_dir($this->prefix . '/' . $app . '/' . $this->boxPath . '/' . $name)) {
         $name = preg_split('/\\//', $name);
         $file = array_pop($name);
         $name = join('/', $name);
     } else {
         $file = 'index';
     }
     // NOTE(review): this existence test is the only check on the final
     // path inside this function; it does not confine the path to boxPath.
     if (@file_exists($this->prefix . '/' . $app . '/' . $this->boxPath . '/' . $name . '/' . $file . '.php')) {
         // Point the global translation object at the app's lang directory
         // for the duration of the box.
         global $intl;
         $old_intl_path = $intl->directory;
         $intl->directory = $this->prefix . '/' . $app . '/lang';
         $intl->getIndex();
         if (@file_exists($this->prefix . '/' . $app . '/conf/properties.php')) {
             include_once $this->prefix . '/' . $app . '/conf/properties.php';
         }
         /*if (@file_exists ($this->prefix . '/' . $app . '/conf/settings.ini.php')) {
         			$settings = ini_parse ($this->prefix . '/' . $app . '/conf/settings.ini.php', true);
         			foreach ($settings as $k => $v) {
         				appconf_set ($k, $v['value']);
         			}
         		}*/
         appconf_default_settings();
         // Everything the box prints from here on is buffered, not sent.
         ob_start();
         $box = $this->getBoxSettings($name, $app);
         $box['context'] = $context;
         // Bound by reference, so the box file and this function share one
         // parameter array.
         $box['parameters'] =& $parameters;
         // automatic input validation: every "rule ..." key in a settings
         // section is run against the parameter named after that section
         loader_import('saf.MailForm');
         foreach (array_keys($box) as $field) {
             if ($field == 'Meta' || $field == 'context' || $field == 'parameters') {
                 continue;
             }
             foreach ($box[$field] as $key => $value) {
                 if (strpos($key, 'rule ') === 0) {
                     // The setting value is "rule, message".
                     list($rule, $msg) = preg_split('/, ?/', $value, 2);
                     $r = new MailFormRule($rule, $field, $msg);
                     if (!$r->validate($box['parameters'][$field], new StdClass(), new StdClass())) {
                         ob_end_clean();
                         // NOTE(review): $field and $msg are written into HTML
                         // without escaping. Both come from the box settings
                         // here; confirm those settings are never editable by
                         // untrusted users.
                         if ($context == 'action') {
                             echo '<h1>Input validation failed!</h1>';
                             echo '<p>Parameter: <strong>' . $field . '</strong></p>';
                             echo '<p>Message: <strong>' . $msg . '</strong></p>';
                             exit;
                         } else {
                             // NOTE(review): this return leaves $intl->directory
                             // pointing at the app's lang directory; only the
                             // success path below restores it.
                             $this->boxAccess = false;
                             array_pop($this->apps);
                             return '<p class="notice">Input validation failed (' . $field . '): ' . $msg . '</p>';
                         }
                     }
                 }
             }
         }
         // special behaviour changes for global objects when in a box
         global $simple, $tpl;
         $old_simple_path = $simple->path;
         $simple->path = $this->prefix . '/' . $app . '/html';
         $old_tpl_path = $tpl->path;
         $tpl->path = $this->prefix . '/' . $app . '/html';
         if (isset($this->boxAccess['sitellite_chdir']) && $this->boxAccess['sitellite_chdir']) {
             // Run the box from inside its own directory, then return to the
             // previous working directory.
             $this->originalDirectory = getcwd();
             //echo $this->boxPath . '/' . $name;
             //exit;
             chdir($this->prefix . '/' . $app . '/' . $this->boxPath . '/' . $name);
             include $file . '.php';
             chdir($this->originalDirectory);
         } else {
             include $this->prefix . '/' . $app . '/' . $this->boxPath . '/' . $name . '/' . $file . '.php';
         }
         // Restore the global objects changed above and collect the output.
         $simple->path = $old_simple_path;
         $tpl->path = $old_tpl_path;
         $intl->directory = $old_intl_path;
         $contents = ob_get_contents();
         ob_end_clean();
         $contents = $this->boxRewrite($contents);
         // sitellite_exit: send the box output and end the request here.
         if (isset($this->boxAccess['sitellite_exit']) && $this->boxAccess['sitellite_exit']) {
             echo $contents;
             $this->boxAccess = false;
             exit;
         }
         $this->boxAccess = false;
         array_pop($this->apps);
         return $contents;
     } else {
         // Box file not found: flag E_NOT_FOUND and hand over to the
         // configured error handler.
         $this->boxAccess = false;
         array_pop($this->apps);
         global $errno;
         $errno = E_NOT_FOUND;
         switch (conf('Server', 'error_handler_type')) {
             case 'box':
                 // NOTE(review): if the configured handler box is itself
                 // missing, this call appears to reach this branch again.
                 return $this->box(conf('Server', 'error_handler'));
             case 'form':
                 return $this->form(conf('Server', 'error_handler'));
             default:
                 header('Location: ' . site_prefix() . '/index/' . conf('Server', 'error_handler'));
                 exit;
         }
     }
     // Not reached: both branches above return or exit.
     $this->boxAccess = false;
     array_pop($this->apps);
     return '';
 }