public static function validate(&$form, $field_values, $page_number = 0, &$failed_validation_page = 0) { $form = apply_filters('gform_pre_validation', $form); // validate form schedule if (self::validate_form_schedule($form)) { return false; } // validate entry limit if (self::validate_entry_limit($form)) { return false; } foreach ($form["fields"] as &$field) { //If a page number is specified, only validates fields that are on current page $field_in_other_page = $page_number > 0 && $field["pageNumber"] != $page_number; //validate fields with "no duplicate" functionality when they are present on pages before the current page. $validate_duplicate_feature = $field["noDuplicates"] && $page_number > 0 && $field["pageNumber"] <= $page_number; if ($field_in_other_page && !$validate_duplicate_feature) { continue; } //ignore validation if field is hidden or admin only if (RGFormsModel::is_field_hidden($form, $field, $field_values) || $field["adminOnly"]) { continue; } $value = RGFormsModel::get_field_value($field); //display error message if field is marked as required and the submitted value is empty if ($field["isRequired"] && self::is_empty($field, $form["id"])) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"]; } else { if ($field["noDuplicates"] && RGFormsModel::is_duplicate($form["id"], $field, $value)) { $field["failed_validation"] = true; //set page number so the failed field displays if on multi-page form $failed_validation_page = $field["pageNumber"]; $input_type = RGFormsModel::get_input_type($field); switch ($input_type) { case "date": $default_message = __("This date has already been taken. Please select a new date.", "gravityforms"); break; default: $default_message = is_array($value) ? __("This field requires an unique entry and the values you entered have been already been used.", "gravityforms") : sprintf(__("This field requires an unique entry and '%s' has already been used", "gravityforms"), $value); break; } $field["validation_message"] = apply_filters("gform_duplicate_message_{$form["id"]}", apply_filters("gform_duplicate_message", $default_message, $form), $form); } else { if (self::failed_state_validation($form["id"], $field, $value)) { $field["failed_validation"] = true; $field["validation_message"] = in_array($field["inputType"], array("singleproduct", "singleshipping", "hiddenproduct")) ? __("Please enter a valid value.", "gravityforms") : __("Invalid selection. Please select one of the available choices.", "gravityforms"); } else { switch (RGFormsModel::get_input_type($field)) { case "password": $password = $_POST["input_" . $field["id"]]; $confirm = $_POST["input_" . $field["id"] . "_2"]; if ($password != $confirm) { $field["failed_validation"] = true; $field["validation_message"] = __("Your passwords do not match.", "gravityforms"); } else { if (rgar($field, "passwordStrengthEnabled") && !rgempty("minPasswordStrength", $field) && !empty($password)) { $strength = $_POST["input_" . $field["id"] . "_strength"]; $levels = array("short" => 1, "bad" => 2, "good" => 3, "strong" => 4); if ($levels[$strength] < $levels[$field["minPasswordStrength"]]) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Your password does not meet the required strength. <br/>Hint: To make it stronger, use upper and lower case letters, numbers and symbols like ! \" ? \$ % ^ & ).", "gravityforms") : $field["errorMessage"]; } } } break; case "name": if ($field["isRequired"] && $field["nameFormat"] != "simple") { $first = $_POST["input_" . $field["id"] . "_3"]; $last = $_POST["input_" . $field["id"] . "_6"]; if (empty($first) || empty($last)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter the first and last name.", "gravityforms") : $field["errorMessage"]; } } break; case "address": if ($field["isRequired"]) { $street = $_POST["input_" . $field["id"] . "_1"]; $city = $_POST["input_" . $field["id"] . "_3"]; $state = $_POST["input_" . $field["id"] . "_4"]; $zip = $_POST["input_" . $field["id"] . "_5"]; $country = $_POST["input_" . $field["id"] . "_6"]; if (empty($street) || empty($city) || empty($zip) || empty($state) && !$field["hideState"] || empty($country) && !$field["hideCountry"]) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter a complete address.", "gravityforms") : $field["errorMessage"]; } } break; case "creditcard": $card_number = rgpost("input_" . $field["id"] . "_1"); $expiration_date = rgpost("input_" . $field["id"] . "_2"); $security_code = rgpost("input_" . $field["id"] . "_3"); if (rgar($field, "isRequired") && (empty($card_number) || empty($security_code) || empty($expiration_date[0]) || empty($expiration_date[1]))) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter your credit card information.", "gravityforms") : $field["errorMessage"]; } else { if (!empty($card_number)) { $card_type = GFCommon::get_card_type($card_number); $security_code = rgpost("input_" . $field["id"] . "_3"); if (empty($security_code)) { $field["failed_validation"] = true; $field["validation_message"] = __("Please enter your card's security code.", "gravityforms"); } else { if (!$card_type) { $field["failed_validation"] = true; $field["validation_message"] = __("Invalid credit card number.", "gravityforms"); } else { if (!GFCommon::is_card_supported($field, $card_type["slug"])) { $field["failed_validation"] = true; $field["validation_message"] = $card_type["name"] . " " . __("is not supported. Please enter one of the supported credit cards.", "gravityforms"); } } } } } break; case "email": if (!rgblank($value) && !GFCommon::is_valid_email($value)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid email address.", "gravityforms") : $field["errorMessage"]; } else { if (rgget("emailConfirmEnabled", $field) && !empty($value)) { $confirm = rgpost("input_" . $field["id"] . "_2"); if ($confirm != $value) { $field["failed_validation"] = true; $field["validation_message"] = __("Your emails do not match.", "gravityforms"); } } } break; case "donation": case "price": if (!class_exists("RGCurrency")) { require_once "currency.php"; } $donation = GFCommon::to_number($value); if (!rgblank($value) && ($donation === false || $donation < 0)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid amount.", "gravityforms") : $field["errorMessage"]; } break; case "number": if (!rgblank($value) && !self::validate_range($field, $value) && !GFCommon::has_field_calculation($field)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? GFCommon::get_range_message($field) : $field["errorMessage"]; } else { if ($field["type"] == "quantity" && intval($value) != $value) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid quantity. Quantity cannot contain decimals.", "gravityforms") : $field["errorMessage"]; } } break; case "phone": $regex = '/^\\D?(\\d{3})\\D?\\D?(\\d{3})\\D?(\\d{4})$/'; if ($field["phoneFormat"] == "standard" && !empty($value) && !preg_match($regex, $value)) { $field["failed_validation"] = true; if (!empty($field["errorMessage"])) { $field["validation_message"] = $field["errorMessage"]; } } break; case "date": if (is_array($value) && rgempty(0, $value) && rgempty(1, $value) && rgempty(2, $value)) { $value = null; } if (!empty($value)) { $format = empty($field["dateFormat"]) ? "mdy" : $field["dateFormat"]; $date = GFCommon::parse_date($value, $format); if (empty($date) || !self::checkdate($date["month"], $date["day"], $date["year"])) { $field["failed_validation"] = true; $format_name = ""; switch ($format) { case "mdy": $format_name = "mm/dd/yyyy"; break; case "dmy": $format_name = "dd/mm/yyyy"; break; case "dmy_dash": $format_name = "dd-mm-yyyy"; break; case "dmy_dot": $format_name = "dd.mm.yyyy"; break; case "ymd_slash": $format_name = "yyyy/mm/dd"; break; case "ymd_dash": $format_name = "yyyy-mm-dd"; break; case "ymd_dot": $format_name = "yyyy.mm.dd"; break; } $message = $field["dateType"] == "datepicker" ? sprintf(__("Please enter a valid date in the format (%s).", "gravityforms"), $format_name) : __("Please enter a valid date.", "gravityforms"); $field["validation_message"] = empty($field["errorMessage"]) ? $message : $field["errorMessage"]; } } break; case "time": //create variable values if time came in one field if (!is_array($value) && !empty($value)) { preg_match('/^(\\d*):(\\d*) ?(.*)$/', $value, $matches); $value = array(); $value[0] = $matches[1]; $value[1] = $matches[2]; } $hour = $value[0]; $minute = $value[1]; if (empty($hour) && empty($minute)) { break; } $is_valid_format = is_numeric($hour) && is_numeric($minute); $min_hour = rgar($field, "timeFormat") == "24" ? 0 : 1; $max_hour = rgar($field, "timeFormat") == "24" ? 23 : 12; if (!$is_valid_format || $hour < $min_hour || $hour > $max_hour || $minute < 0 || $minute >= 60) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid time.", "gravityforms") : $field["errorMessage"]; } break; case "website": if (empty($value) || $value == "http://") { $value = ""; if ($field["isRequired"]) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"]; } } if (!empty($value) && !GFCommon::is_valid_url($value)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid Website URL (i.e. http://www.gravityforms.com).", "gravityforms") : $field["errorMessage"]; } break; case "captcha": switch ($field["captchaType"]) { case "simple_captcha": if (class_exists("ReallySimpleCaptcha")) { $prefix = $_POST["input_captcha_prefix_{$field["id"]}"]; $captcha_obj = GFCommon::get_simple_captcha(); if (!$captcha_obj->check($prefix, str_replace(" ", "", $value))) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("The CAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"]; } //removes old files in captcha folder (older than 1 hour); $captcha_obj->cleanup(); } break; case "math": $prefixes = explode(",", $_POST["input_captcha_prefix_{$field["id"]}"]); $captcha_obj = GFCommon::get_simple_captcha(); //finding first number $first = 0; for ($first = 0; $first < 10; $first++) { if ($captcha_obj->check($prefixes[0], $first)) { break; } } //finding second number $second = 0; for ($second = 0; $second < 10; $second++) { if ($captcha_obj->check($prefixes[2], $second)) { break; } } //if it is a +, perform the sum if ($captcha_obj->check($prefixes[1], "+")) { $result = $first + $second; } else { $result = $first - $second; } if (intval($result) != intval($value)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("The CAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"]; } //removes old files in captcha folder (older than 1 hour); $captcha_obj->cleanup(); break; default: if (!function_exists("recaptcha_get_html")) { require_once GFCommon::get_base_path() . '/recaptchalib.php'; } $privatekey = get_option("rg_gforms_captcha_private_key"); $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("The reCAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"]; } } break; case "fileupload": case "post_image": $info = pathinfo($_FILES["input_" . $field["id"]]["name"]); $allowedExtensions = self::clean_extensions(explode(",", strtolower($field["allowedExtensions"]))); $extension = strtolower(rgget("extension", $info)); if (empty($field["allowedExtensions"]) && in_array($extension, array("php", "asp", "exe", "com", "htaccess"))) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("The uploaded file type is not allowed.", "gravityforms") : $field["errorMessage"]; } else { if (!empty($field["allowedExtensions"]) && !empty($info["basename"]) && !in_array($extension, $allowedExtensions)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? sprintf(__("The uploaded file type is not allowed. Must be one of the following: %s", "gravityforms"), strtolower($field["allowedExtensions"])) : $field["errorMessage"]; } } break; case "calculation": case "singleproduct": case "hiddenproduct": $quantity_id = $field["id"] . ".3"; $quantity = rgget($quantity_id, $value); if ($field["isRequired"] && rgblank($quantity) && !rgar($field, "disableQuantity")) { $field["failed_validation"] = true; $field["validation_message"] = rgempty("errorMessage", $field) ? __("This field is required.", "gravityforms") : rgar($field, "errorMessage"); } else { if (!empty($quantity) && (!is_numeric($quantity) || intval($quantity) != floatval($quantity))) { $field["failed_validation"] = true; $field["validation_message"] = __("Please enter a valid quantity", "gravityforms"); } } break; case "radio": if (rgar($field, 'enableOtherChoice') && $value == 'gf_other_choice') { $value = rgpost("input_{$field['id']}_other"); } if ($field["isRequired"] && rgar($field, 'enableOtherChoice') && $value == GFCommon::get_other_choice_value()) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"]; } break; } } } } $custom_validation_result = apply_filters("gform_field_validation", array("is_valid" => rgar($field, "failed_validation") ? false : true, "message" => rgar($field, "validation_message")), $value, $form, $field); $custom_validation_result = apply_filters("gform_field_validation_{$form["id"]}", $custom_validation_result, $value, $form, $field); $custom_validation_result = apply_filters("gform_field_validation_{$form["id"]}_{$field["id"]}", $custom_validation_result, $value, $form, $field); $field["failed_validation"] = rgar($custom_validation_result, "is_valid") ? false : true; $field["validation_message"] = rgar($custom_validation_result, "message"); } $is_valid = true; foreach ($form["fields"] as $f) { if (rgar($f, "failed_validation")) { $is_valid = false; break; } } $validation_result = apply_filters("gform_validation_{$form["id"]}", apply_filters("gform_validation", array("is_valid" => $is_valid, "form" => $form))); $is_valid = $validation_result["is_valid"]; $form = $validation_result["form"]; return $is_valid; }
public static function validate(&$form, $field_values, $page_number = 0, &$failed_validation_page = 0) { $form = gf_apply_filters(array('gform_pre_validation', $form['id']), $form); // validate form schedule if (self::validate_form_schedule($form)) { return false; } // validate entry limit if (self::validate_entry_limit($form)) { return false; } // Prevent tampering with the submitted form if (empty($_POST['is_submit_' . $form['id']])) { return false; } $is_valid = true; foreach ($form['fields'] as &$field) { /* @var GF_Field $field */ //If a page number is specified, only validates fields that are on current page $field_in_other_page = $page_number > 0 && $field->pageNumber != $page_number; //validate fields with 'no duplicate' functionality when they are present on pages before the current page. $validate_duplicate_feature = $field->noDuplicates && $page_number > 0 && $field->pageNumber <= $page_number; if ($field_in_other_page && !$validate_duplicate_feature) { continue; } // don't validate adminOnly fields. if ($field->adminOnly) { continue; } //ignore validation if field is hidden if (RGFormsModel::is_field_hidden($form, $field, $field_values)) { $field->is_field_hidden = true; continue; } $value = RGFormsModel::get_field_value($field); $input_type = RGFormsModel::get_input_type($field); //display error message if field is marked as required and the submitted value is empty if ($field->isRequired && self::is_empty($field, $form['id'])) { $field->failed_validation = true; $field->validation_message = empty($field->errorMessage) ? __('This field is required.', 'gravityforms') : $field->errorMessage; } else { if ($field->noDuplicates && RGFormsModel::is_duplicate($form['id'], $field, $value)) { $field->failed_validation = true; //set page number so the failed field displays if on multi-page form $failed_validation_page = $field->pageNumber; switch ($input_type) { case 'date': $default_message = __('This date has already been taken. Please select a new date.', 'gravityforms'); break; default: $default_message = is_array($value) ? __('This field requires a unique entry and the values you entered have been already been used.', 'gravityforms') : sprintf(__("This field requires a unique entry and '%s' has already been used", 'gravityforms'), $value); break; } $field->validation_message = gf_apply_filters(array('gform_duplicate_message', $form['id']), $default_message, $form, $field, $value); } else { if (self::failed_state_validation($form['id'], $field, $value)) { $field->failed_validation = true; $field->validation_message = in_array($field->inputType, array('singleproduct', 'singleshipping', 'hiddenproduct')) ? __('Please enter a valid value.', 'gravityforms') : __('Invalid selection. Please select one of the available choices.', 'gravityforms'); } else { $field->validate($value, $form); } } } $custom_validation_result = gf_apply_filters(array('gform_field_validation', $form['id'], $field->id), array('is_valid' => $field->failed_validation ? false : true, 'message' => $field->validation_message), $value, $form, $field); $field->failed_validation = rgar($custom_validation_result, 'is_valid') ? false : true; $field->validation_message = rgar($custom_validation_result, 'message'); if ($field->failed_validation) { $is_valid = false; } } $is_last_page = self::get_target_page($form, $page_number, $field_values) == '0'; if ($is_valid && $is_last_page && self::is_form_empty($form)) { foreach ($form['fields'] as &$field) { $field->failed_validation = true; $field->validation_message = esc_html__('At least one field must be filled out', 'gravityforms'); $is_valid = false; unset($field->is_field_hidden); } } $validation_result = gf_apply_filters(array('gform_validation', $form['id']), array('is_valid' => $is_valid, 'form' => $form, 'failed_validation_page' => $failed_validation_page)); $is_valid = $validation_result['is_valid']; $form = $validation_result['form']; $failed_validation_page = $validation_result['failed_validation_page']; return $is_valid; }
private function validate(&$form, $field_values) { $form = apply_filters('gform_pre_validation', $form); foreach ($form["fields"] as &$field) { /* * Skip over the following fields as we aren't processing any of them */ $skip_field = false; switch (RGFormsModel::get_input_type($field)) { case "captcha": case "html": case "password": case "product": case "coupon": case "quantity": case "shipping": case "donation": case "total": case "singleproduct": case "hiddenproduct": case "singleshipping": case "creditcard": case "page": case "post_image": case "fileupload": //ignore certain fields $skip_field = true; break; } if (isset($field['productField']) && (int) $field['productField'] > 0 || $field['type'] == 'shipping') { $skip_field = true; } /* ignore validation if field is hidden or admin only */ if (RGFormsModel::is_field_hidden($form, $field, $field_values) || isset($field['adminOnly']) && $field['adminOnly']) { $skip_field = true; } /* ignore user-defined restricted fields or hidden fields */ if (in_array($field['id'], $this->atts['restricted_fields']) || in_array($field['id'], $this->atts['hidden_fields'])) { $skip_field = true; } if ($skip_field) { continue; } $value = RGFormsModel::get_field_value($field); //display error message if field is marked as required and the submitted value is empty if ($field["isRequired"] && GFFormDisplay::is_empty($field, $form["id"])) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"]; } else { if ($field["noDuplicates"] && RGFormsModel::is_duplicate($form["id"], $field, $value)) { $field["failed_validation"] = true; $input_type = RGFormsModel::get_input_type($field); switch ($input_type) { case "date": $default_message = __("This date has already been taken. Please select a new date.", "gravityforms"); break; default: $default_message = is_array($value) ? __("This field requires a unique entry and the values you entered have been already been used.", "gravityforms") : sprintf(__("This field requires a unique entry and '%s' has already been used", "gravityforms"), $value); break; } $field["validation_message"] = apply_filters("gform_duplicate_message_{$form["id"]}", apply_filters("gform_duplicate_message", $default_message, $form, $field, $value), $form, $field, $value); } else { if (GFFormDisplay::failed_state_validation($form["id"], $field, $value)) { $field["failed_validation"] = true; $field["validation_message"] = in_array($field["inputType"], array("singleproduct", "singleshipping", "hiddenproduct")) ? __("Please enter a valid value.", "gravityforms") : __("Invalid selection. Please select one of the available choices.", "gravityforms"); } else { switch (RGFormsModel::get_input_type($field)) { case "name": if ($field["isRequired"] && $field["nameFormat"] != "simple") { $first = $_POST["input_" . $field["id"] . "_3"]; $last = $_POST["input_" . $field["id"] . "_6"]; if (empty($first) || empty($last)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter the first and last name.", "gravityforms") : $field["errorMessage"]; } } break; case "address": if ($field["isRequired"]) { $street = $_POST["input_" . $field["id"] . "_1"]; $city = $_POST["input_" . $field["id"] . "_3"]; $state = $_POST["input_" . $field["id"] . "_4"]; $zip = $_POST["input_" . $field["id"] . "_5"]; $country = $_POST["input_" . $field["id"] . "_6"]; if (empty($street) || empty($city) || empty($zip) || empty($state) && !$field["hideState"] || empty($country) && !$field["hideCountry"]) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter a complete address.", "gravityforms") : $field["errorMessage"]; } } break; case "email": if (!rgblank($value) && !GFCommon::is_valid_email($value)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid email address.", "gravityforms") : $field["errorMessage"]; } else { if (rgget("emailConfirmEnabled", $field) && !empty($value)) { $confirm = rgpost("input_" . $field["id"] . "_2"); if ($confirm != $value) { $field["failed_validation"] = true; $field["validation_message"] = __("Your emails do not match.", "gravityforms"); } } } break; case "price": if (!class_exists("RGCurrency")) { require_once "currency.php"; } $donation = GFCommon::to_number($value); if (!rgblank($value) && ($donation === false || $donation < 0)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid amount.", "gravityforms") : $field["errorMessage"]; } break; case "number": // the POST value has already been converted from currency or decimal_comma to decimal_dot and then cleaned in get_field_value() $value = GFCommon::maybe_add_leading_zero($value); $raw_value = $_POST["input_" . $field["id"]]; //Raw value will be tested against the is_numeric() function to make sure it is in the right format. $requires_valid_number = !rgblank($raw_value) && !GFCommon::has_field_calculation($field); $is_valid_number = self::validate_range($field, $value) && GFCommon::is_numeric($raw_value, $field["numberFormat"]); if ($requires_valid_number && !$is_valid_number) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? GFCommon::get_range_message($field) : $field["errorMessage"]; } else { if ($field['type'] == 'quantity') { if (intval($value) != $value) { $field['failed_validation'] = true; $field['validation_message'] = empty($field['errorMessage']) ? __('Please enter a valid quantity. Quantity cannot contain decimals.', 'gravityforms') : $field['errorMessage']; } else { if (!empty($value) && (!is_numeric($value) || intval($value) != floatval($value) || intval($value) < 0)) { $field['failed_validation'] = true; $field['validation_message'] = empty($field['errorMessage']) ? __('Please enter a valid quantity', 'gravityforms') : $field['errorMessage']; } } } } break; case "phone": $regex = '/^\\D?(\\d{3})\\D?\\D?(\\d{3})\\D?(\\d{4})$/'; if ($field["phoneFormat"] == "standard" && $value !== "" && $value !== 0 && !preg_match($regex, $value)) { $field["failed_validation"] = true; if (!empty($field["errorMessage"])) { $field["validation_message"] = $field["errorMessage"]; } } break; case "date": if (is_array($value) && rgempty(0, $value) && rgempty(1, $value) && rgempty(2, $value)) { $value = null; } if (!empty($value)) { $format = empty($field["dateFormat"]) ? "mdy" : $field["dateFormat"]; $date = GFCommon::parse_date($value, $format); if (empty($date) || !GFFormDisplay::checkdate($date["month"], $date["day"], $date["year"])) { $field["failed_validation"] = true; $format_name = ""; switch ($format) { case "mdy": $format_name = "mm/dd/yyyy"; break; case "dmy": $format_name = "dd/mm/yyyy"; break; case "dmy_dash": $format_name = "dd-mm-yyyy"; break; case "dmy_dot": $format_name = "dd.mm.yyyy"; break; case "ymd_slash": $format_name = "yyyy/mm/dd"; break; case "ymd_dash": $format_name = "yyyy-mm-dd"; break; case "ymd_dot": $format_name = "yyyy.mm.dd"; break; } $message = $field["dateType"] == "datepicker" ? sprintf(__("Please enter a valid date in the format (%s).", "gravityforms"), $format_name) : __("Please enter a valid date.", "gravityforms"); $field["validation_message"] = empty($field["errorMessage"]) ? $message : $field["errorMessage"]; } } break; case "time": //create variable values if time came in one field if (!is_array($value) && !empty($value)) { preg_match('/^(\\d*):(\\d*) ?(.*)$/', $value, $matches); $value = array(); $value[0] = $matches[1]; $value[1] = $matches[2]; } $hour = $value[0]; $minute = $value[1]; if (empty($hour) && empty($minute)) { break; } $is_valid_format = is_numeric($hour) && is_numeric($minute); $min_hour = rgar($field, "timeFormat") == "24" ? 0 : 1; $max_hour = rgar($field, "timeFormat") == "24" ? 23 : 12; if (!$is_valid_format || $hour < $min_hour || $hour > $max_hour || $minute < 0 || $minute >= 60) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid time.", "gravityforms") : $field["errorMessage"]; } break; case "website": if (empty($value) || $value == "http://") { $value = ""; if ($field["isRequired"]) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"]; } } if (!empty($value) && !GFCommon::is_valid_url($value)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid Website URL (i.e. http://www.gravityforms.com).", "gravityforms") : $field["errorMessage"]; } break; case "calculation": $quantity_id = $field["id"] . ".3"; $quantity = rgget($quantity_id, $value); if ($field["isRequired"] && rgblank($quantity) && !rgar($field, "disableQuantity")) { $field["failed_validation"] = true; $field["validation_message"] = rgempty("errorMessage", $field) ? __("This field is required.", "gravityforms") : rgar($field, "errorMessage"); } else { if (!empty($quantity) && (!is_numeric($quantity) || intval($quantity) != floatval($quantity) || intval($quantity) < 0)) { $field["failed_validation"] = true; $field["validation_message"] = __("Please enter a valid quantity", "gravityforms"); } } break; case "radio": if (rgar($field, 'enableOtherChoice') && $value == 'gf_other_choice') { $value = rgpost("input_{$field['id']}_other"); } if ($field["isRequired"] && rgar($field, 'enableOtherChoice') && $value == GFCommon::get_other_choice_value()) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"]; } break; } } } } $custom_validation_result = apply_filters("gform_field_validation", array("is_valid" => rgar($field, "failed_validation") ? false : true, "message" => rgar($field, "validation_message")), $value, $form, $field); $custom_validation_result = apply_filters("gform_field_validation_{$form["id"]}", $custom_validation_result, $value, $form, $field); $custom_validation_result = apply_filters("gform_field_validation_{$form["id"]}_{$field["id"]}", $custom_validation_result, $value, $form, $field); $field["failed_validation"] = rgar($custom_validation_result, "is_valid") ? false : true; $field["validation_message"] = rgar($custom_validation_result, "message"); } $is_valid = true; foreach ($form["fields"] as $f) { if (rgar($f, "failed_validation")) { $is_valid = false; break; } } $validation_result = apply_filters("gform_validation_{$form["id"]}", apply_filters("gform_validation", array("is_valid" => $is_valid, "form" => $form))); $is_valid = $validation_result["is_valid"]; $form = $validation_result["form"]; return $is_valid; }
public static function validate(&$form, $field_values, $page_number = 0) { $is_valid = true; foreach ($form["fields"] as &$field) { //If a page number is specified, only validates fields that are on current page if ($page_number > 0 && $field["pageNumber"] != $page_number) { continue; } //ignore validation if field is hidden or admin only if (RGFormsModel::is_field_hidden($form, $field, $field_values) || $field["adminOnly"]) { continue; } $value = RGFormsModel::get_field_value($field); //display error message if field is marked as required and the submitted value is empty if ($field["isRequired"] && self::is_empty($field, $form["id"])) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } else { if ($field["noDuplicates"] && RGFormsModel::is_duplicate($form["id"], $field, $value)) { $field["failed_validation"] = true; $field["validation_message"] = is_array($value) ? apply_filters("gform_duplicate_message_{$form["id"]}", apply_filters("gform_duplicate_message", __("This field requires an unique entry and the values you entered have been already been used", "gravityforms"), $form), $form) : apply_filters("gform_duplicate_message_{$form["id"]}", apply_filters("gform_duplicate_message", sprintf(__("This field requires an unique entry and '%s' has already been used", "gravityforms"), $value), $form), $form); $is_valid = false; } else { if (self::failed_state_validation($form["id"], $field, $value)) { $field["failed_validation"] = true; $field["validation_message"] = in_array($field["inputType"], array("singleproduct", "singleshipping")) ? __("Please enter a valid value.", "gravityforms") : __("Invalid selection. Please select one of the available choices.", "gravityforms"); $is_valid = false; } else { switch (RGFormsModel::get_input_type($field)) { case "password": $password = $_POST["input_" . $field["id"]]; $confirm = $_POST["input_" . $field["id"] . "_2"]; if ($password != $confirm) { $field["failed_validation"] = true; $field["validation_message"] = __("Your passwords do not match.", "gravityforms"); $is_valid = false; } else { if ($field["passwordStrengthEnabled"] && !empty($field["minPasswordStrength"]) && !empty($password)) { $strength = $_POST["input_" . $field["id"] . "_strength"]; $levels = array("short" => 1, "bad" => 2, "good" => 3, "strong" => 4); if ($levels[$strength] < $levels[$field["minPasswordStrength"]]) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Your password does not meet the required strength. <br/>Hint: To make it stronger, use upper and lower case letters, numbers and symbols like ! \" ? \$ % ^ & ).", "gravityforms") : $field["errorMessage"]; $is_valid = false; } } } break; case "name": if ($field["isRequired"] && $field["nameFormat"] != "simple") { $first = $_POST["input_" . $field["id"] . "_3"]; $last = $_POST["input_" . $field["id"] . "_6"]; if (empty($first) || empty($last)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter the first and last name.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } } break; case "address": if ($field["isRequired"]) { $street = $_POST["input_" . $field["id"] . "_1"]; $city = $_POST["input_" . $field["id"] . "_3"]; $state = $_POST["input_" . $field["id"] . "_4"]; $zip = $_POST["input_" . $field["id"] . "_5"]; $country = $_POST["input_" . $field["id"] . "_6"]; if (empty($street) || empty($city) || empty($zip) || empty($state) && !$field["hideState"] || empty($country) && !$field["hideCountry"]) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter a complete address.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } } break; case "email": if (!empty($value) && !GFCommon::is_valid_email($value)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid email address.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } else { if (rgget("emailConfirmEnabled", $field) && !empty($value)) { $confirm = rgpost("input_" . $field["id"] . "_2"); if ($confirm != $value) { $field["failed_validation"] = true; $field["validation_message"] = __("Your emails do not match.", "gravityforms"); $is_valid = false; } } } break; case "donation": case "price": if (!class_exists("RGCurrency")) { require_once "currency.php"; } $donation = GFCommon::to_number($value); if (!empty($value) && ($donation === false || $donation <= 0)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid donation", "gravityforms") : $field["errorMessage"]; $is_valid = false; } break; case "number": if (trim($value) != '' && !self::validate_range($field, $value)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? GFCommon::get_range_message($field) : $field["errorMessage"]; $is_valid = false; } break; case "phone": $regex = '/^\\D?(\\d{3})\\D?\\D?(\\d{3})\\D?(\\d{4})$/'; if ($field["phoneFormat"] == "standard" && !empty($value) && !preg_match($regex, $value)) { $field["failed_validation"] = true; if (!empty($field["errorMessage"])) { $field["validation_message"] = $field["errorMessage"]; } $is_valid = false; } break; case "date": if (is_array($value) && empty($value[0])) { $value = null; } if (!empty($value)) { $format = empty($field["dateFormat"]) ? "mdy" : $field["dateFormat"]; $date = GFCommon::parse_date($value, $format); if (empty($date) || !checkdate($date["month"], $date["day"], $date["year"])) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? sprintf(__("Please enter a valid date in the format (%s).", "gravityforms"), $format == "mdy" ? "mm/dd/yyyy" : "dd/mm/yyyy") : $field["errorMessage"]; $is_valid = false; } } break; case "time": //create variable values if time came in one field if (!is_array($value) && !empty($value)) { preg_match('/^(\\d*):(\\d*) (.*)$/', $value, $matches); $value = array(); $value[0] = $matches[1]; $value[1] = $matches[2]; } $hour = $value[0]; $minute = $value[1]; if (empty($hour) && empty($minute)) { break; } $is_valid_format = is_numeric($hour) && is_numeric($minute); if (!$is_valid_format || $hour <= 0 || $hour > 12 || $minute < 0 || $minute >= 60) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid time.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } break; case "website": if (empty($value) || $value == "http://") { $value = ""; if ($field["isRequired"]) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } } if (!empty($value) && !GFCommon::is_valid_url($value)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid Website URL (i.e. http://www.gravityforms.com).", "gravityforms") : $field["errorMessage"]; $is_valid = false; } break; case "captcha": switch ($field["captchaType"]) { case "simple_captcha": if (class_exists("ReallySimpleCaptcha")) { $prefix = $_POST["input_captcha_prefix_{$field["id"]}"]; $captcha_obj = GFCommon::get_simple_captcha(); if (!$captcha_obj->check($prefix, str_replace(" ", "", $value))) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("The CAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } //removes current captcha file $captcha_obj->remove($prefix); //removes old files in captcha folder (older than 1 hour); $captcha_obj->cleanup(); } break; case "math": $prefixes = explode(",", $_POST["input_captcha_prefix_{$field["id"]}"]); $captcha_obj = GFCommon::get_simple_captcha(); //finding first number $first = 0; for ($first = 0; $first < 10; $first++) { if ($captcha_obj->check($prefixes[0], $first)) { break; } } //finding second number $second = 0; for ($second = 0; $second < 10; $second++) { if ($captcha_obj->check($prefixes[2], $second)) { break; } } //if it is a +, perform the sum if ($captcha_obj->check($prefixes[1], "+")) { $result = $first + $second; } else { $result = $first - $second; } if (intval($result) != intval($value)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("The CAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } //removes current captcha file $captcha_obj->remove($prefix); //removes old files in captcha folder (older than 1 hour); $captcha_obj->cleanup(); break; default: if (!function_exists("recaptcha_get_html")) { require_once GFCommon::get_base_path() . '/recaptchalib.php'; } $privatekey = get_option("rg_gforms_captcha_private_key"); $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("The reCAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } } break; case "fileupload": case "post_image": $info = pathinfo($_FILES["input_" . $field["id"]]["name"]); $allowedExtensions = self::clean_extensions(explode(",", strtolower($field["allowedExtensions"]))); $extension = strtolower(rgget("extension", $info)); if (empty($field["allowedExtensions"]) && in_array($extension, array("php", "asp", "exe", "com", "htaccess"))) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("The uploaded file type is not allowed.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } else { if (!empty($field["allowedExtensions"]) && !empty($info["basename"]) && !in_array($extension, $allowedExtensions)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? sprintf(__("The uploaded file type is not allowed. Must be one of the following: %s", "gravityforms"), strtolower($field["allowedExtensions"])) : $field["errorMessage"]; $is_valid = false; } } break; case "singleproduct": $quantity = rgget($field["id"] . "3", $value); if (empty($quantity)) { $quantity = 0; } if (!is_numeric($quantity) || intval($quantity) != floatval($quantity)) { $field["failed_validation"] = true; $field["validation_message"] = __("Please enter a valid quantity", "gravityforms"); $is_valid = false; } break; } } } } } $validation_result = apply_filters("gform_validation_{$form["id"]}", apply_filters("gform_validation", array("is_valid" => $is_valid, "form" => $form))); $is_valid = $validation_result["is_valid"]; $form = $validation_result["form"]; return $is_valid; }
public static function validate(&$form, $field_values) { $is_valid = true; foreach ($form["fields"] as &$field) { //ignore validation if field is hidden if (RGFormsModel::is_field_hidden($form, $field, $field_values)) { continue; } $value = RGFormsModel::get_field_value($field); //display error message if field is marked as required and the submitted value is empty if ($field["isRequired"] && self::is_empty($field)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter a value.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } else { if ($field["noDuplicates"] && RGFormsModel::is_duplicate($form["id"], $field, $value)) { $field["failed_validation"] = true; $field["validation_message"] = is_array($value) ? __("This field requires an unique entry and the values you entered have been already been used", "gravityforms") : __(sprintf("This field requires an unique entry and '%s' has already been used", $value), "gravityforms"); $is_valid = false; } else { switch (RGFormsModel::get_input_type($field)) { case "name": if ($field["isRequired"] && $field["nameFormat"] != "simple") { $first = $_POST["input_" . $field["id"] . "_3"]; $last = $_POST["input_" . $field["id"] . "_6"]; if (empty($first) || empty($last)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter the first and last name.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } } break; case "address": if ($field["isRequired"]) { $street = $_POST["input_" . $field["id"] . "_1"]; $city = $_POST["input_" . $field["id"] . "_3"]; $state = $_POST["input_" . $field["id"] . "_4"]; $zip = $_POST["input_" . $field["id"] . "_5"]; $country = $_POST["input_" . $field["id"] . "_6"]; if (empty($street) || empty($city) || empty($state) || empty($zip) || empty($country)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter a complete address.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } } break; case "email": if (!empty($value) && !GFCommon::is_valid_email($value)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid email address.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } break; case "number": if (trim($value) != '' && !self::validate_range($field, $value)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? GFCommon::get_range_message($field) : $field["errorMessage"]; $is_valid = false; } break; case "phone": $regex = '/^\\D?(\\d{3})\\D?\\D?(\\d{3})\\D?(\\d{4})$/'; if ($field["phoneFormat"] == "standard" && !empty($value) && !preg_match($regex, $value)) { $field["failed_validation"] = true; if (!empty($field["errorMessage"])) { $field["validation_message"] = $field["errorMessage"]; } $is_valid = false; } break; case "date": if (is_array($value) && empty($value[0])) { $value = null; } if (!empty($value)) { $format = empty($field["dateFormat"]) ? "mdy" : $field["dateFormat"]; $date = GFCommon::parse_date($value, $format); if (empty($date) || !checkdate($date["month"], $date["day"], $date["year"])) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __(sprintf("Please enter a valid date in the format (%s).", $format == "mdy" ? "mm/dd/yyyy" : "dd/mm/yyyy"), "gravityforms") : $field["errorMessage"]; $is_valid = false; } } break; case "time": //create variable values if time came in one field if (!is_array($value) && !empty($value)) { preg_match('/^(\\d*):(\\d*) (.*)$/', $value, $matches); $value = array(); $value[0] = $matches[1]; $value[1] = $matches[2]; } $hour = $value[0]; $minute = $value[1]; if (empty($hour) && empty($minute)) { break; } $is_valid_format = is_numeric($hour) && is_numeric($minute); if (!$is_valid_format || $hour <= 0 || $hour > 12 || $minute < 0 || $minute >= 60) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid time.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } break; case "website": if ($value == "http://") { $value = ""; if ($field["isRequired"]) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter a value.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } } if (!empty($value) && !GFCommon::is_valid_url($value)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid Website URL (i.e. http://www.gravityforms.com).", "gravityforms") : $field["errorMessage"]; $is_valid = false; } break; case "captcha": if (!function_exists("recaptcha_get_html")) { require_once GFCommon::get_base_path() . '/recaptchalib.php'; } $privatekey = get_option("rg_gforms_captcha_private_key"); $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("The reCAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } break; case "fileupload": case "post_image": $info = pathinfo($_FILES["input_" . $field["id"]]["name"]); $allowedExtensions = self::clean_extensions(explode(",", strtolower($field["allowedExtensions"]))); $extension = strtolower($info["extension"]); if (empty($field["allowedExtensions"]) && in_array($extension, array("php", "asp", "exe", "com", "htaccess"))) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? __("The uploaded file type is not allowed.", "gravityforms") : $field["errorMessage"]; $is_valid = false; } else { if (!empty($field["allowedExtensions"]) && !empty($info["basename"]) && !in_array($extension, $allowedExtensions)) { $field["failed_validation"] = true; $field["validation_message"] = empty($field["errorMessage"]) ? sprintf(__("The uploaded file type is not allowed. Must be one of the following: %s", "gravityforms"), strtolower($field["allowedExtensions"])) : $field["errorMessage"]; $is_valid = false; } } break; } } } } return $is_valid; }