/**
 * Builds the StringValidationRule used for credit card numbers.
 *
 * The whitelist regex is not hard-coded here: it is looked up in the ESAPI
 * SecurityConfiguration under self::CREDIT_CARD_VALIDATOR_KEY. The rule is
 * then capped at 19 characters and set to disallow null input.
 *
 * NOTE(review): the value returned by getValidationPattern() is handed to the
 * constructor without being checked. Confirm how StringValidationRule treats
 * a missing pattern, so that a configuration without this key cannot leave
 * the length limit as the only check on the input.
 *
 * @return object object of type StringValidationRule.
 */
private function _getCCRule()
{
    // Declared by the original code; not read anywhere in this method.
    global $ESAPI;

    $ccPattern = ESAPI::getSecurityConfiguration()
        ->getValidationPattern(self::CREDIT_CARD_VALIDATOR_KEY);

    $rule = new StringValidationRule('CreditCardValidator', $this->encoder, $ccPattern);
    $rule->setMaximumLength(19);
    $rule->setAllowNull(false);

    return $rule;
}
/**
 * Validates $input with a freshly built StringValidationRule and returns the
 * canonicalized value when it passes.
 *
 * @param string $context   A description of the input to be validated.
 * @param string $input     The input to validate.
 * @param string $pattern   The regex pattern against which to validate the
 *                          supplied input. A value loosely equal to null
 *                          (null, false, '', 0) adds no whitelist pattern.
 * @param string $type      A descriptive name for the StringValidationRule.
 * @param int    $maxLength The maximum post-canonicalized length of valid
 *                          inputs.
 * @param bool   $allowNull Whether an empty string is considered valid input.
 *
 * @throws ValidationException
 *
 * @return string canonicalized, valid inputs only.
 */
private function _getIfValid($context, $input, $pattern, $type, $maxLength, $allowNull)
{
    $rule = new StringValidationRule($type, $this->_encoder);

    // Loose comparison: a pattern of false or '' is skipped just like null.
    // In that case this method configures only the length limit and the
    // null policy, so callers that rely on a whitelist must pass a real
    // pattern. NOTE(review): confirm that no caller forwards an unchecked
    // configuration lookup here.
    if ($pattern != null) {
        $rule->addWhitelistPattern($pattern);
    }

    $rule->setMaximumLength($maxLength);
    $rule->setAllowNull($allowNull);

    return $rule->getValid($context, $input);
}
/**
 * Implements corresponding isValidXX logic.
 *
 * $type serves two purposes: it names the rule, and it is the key used to
 * look up a validation pattern in the ESAPI SecurityConfiguration. When the
 * lookup returns false, $type itself is installed as the whitelist regex.
 * A misspelled configuration key is therefore not reported as an error; it
 * silently becomes the pattern the input is matched against.
 *
 * @param string $context   Please see corresponding isValidXX description.
 * @param string $input     Please see corresponding isValidXX description.
 * @param string $type      Please see corresponding isValidXX description.
 * @param int    $maxLength Please see corresponding isValidXX description.
 * @param bool   $allowNull Please see corresponding isValidXX description.
 *
 * @return null always null; failure is signalled through the exceptions below.
 * @throws ValidationException thrown if input is invalid.
 * @throws IntrusionException  thrown if intrusion is detected.
 */
private function _assertValidInput($context, $input, $type, $maxLength, $allowNull)
{
    $rule = new StringValidationRule($type, $this->_encoder);

    $configured = ESAPI::getSecurityConfiguration()->getValidationPattern($type);

    // Strict check: only an exact false means "no pattern stored under this key".
    $rule->addWhitelistPattern($configured !== false ? $configured : $type);

    $rule->setMaximumLength($maxLength);
    $rule->setAllowNull($allowNull);
    $rule->assertValid($context, $input);

    return null;
}
/**
 * Checks how a StringValidationRule treats empty input, through isValid().
 *
 * '0' is a real value and must pass; the empty string and null are rejected
 * until setAllowNull(true) is called, after which both are accepted.
 */
function testStringVR_getValid_Empty()
{
    $context = 'testStringVR_getValid_Empty';
    $rule = new StringValidationRule('A_String', null, '^.*$');

    // Before allowNull is switched on.
    $this->assertTrue($rule->isValid($context, '0'));
    $this->assertFalse($rule->isValid($context, ''));
    $this->assertFalse($rule->isValid($context, null));

    // After allowNull is switched on, empty string and null are valid.
    $rule->setAllowNull(true);
    $this->assertTrue($rule->isValid($context, ''));
    $this->assertTrue($rule->isValid($context, null));
}