/**
* Form token validation
* @param array $validations The array of validation rules
* @return void
*/
function form_validate($validations = null)
{
if (!isset($_POST['lc_formToken_' . _cfg('formTokenName')])) {
Validation::addError('', _t('Invalid form token.'));
return false;
}
$token = _decrypt(session_get(_cfg('formTokenName')));
$postedToken = _decrypt(_post($_POST['lc_formToken_' . _cfg('formTokenName')]));
$result = false;
# check token first
if ($token == $postedToken) {
# check referer if it is requesting in the same site
if (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] && _cfg('siteDomain')) {
$siteDomain = _cfg('siteDomain');
$siteDomain = preg_replace('/^www\\./', '', $siteDomain);
$parsedURL = parse_url($_SERVER['HTTP_REFERER']);
$parsedURL['host'] = preg_replace('/^www\\./', '', $parsedURL['host']);
if (strcasecmp($siteDomain, $parsedURL['host']) == 0) {
$result = true;
}
}
}
if ($result == false) {
Validation::addError('', _t('Error occured during form submission. Please refresh the page to try again.'));
return false;
}
if ($validations && Validation::check($validations) === false) {
return false;
}
return true;
}
/**
* Check all inputs according to the validation rules provided
*
* @param array $validations The array of the validation rules
* @param string $type The return form of the error message:
* "multi" to return all error messages occurred;
* "single" to return the first error message occurred
*
* @return void
*/
function validation_check($validations, $type = 'multi')
{
return Validation::check($validations, $type);
}
