public function verifyActionData()
{
    // Validates every field of the action and records each failure in
    // $this->errorArray under the field's own name. All checks always run,
    // so the caller can report every problem at once.
    $fieldIsValid = array(
        // action_id is optional. The comparison with NULL is loose, so 0, ''
        // and '0' also count as "not set" and skip the integer check.
        'action_id'  => $this->action_id == NULL
            || TasksappValidator::checkInteger($this->action_id),
        'action'     => TasksappValidator::checkString($this->action),
        // Importance must be one of a fixed set of string codes.
        'importance' => TasksappValidator::checkList(
            $this->importance,
            array("0", "1", "2", "3", "4", "wf")
        ),
        'dateDue'    => TasksappValidator::checkDate($this->dateDue),
        // Context must be one of the values returned by Command::getContexts().
        'context'    => TasksappValidator::checkList($this->context, Command::getContexts()),
        'project_id' => TasksappValidator::checkInteger($this->project_id),
    );

    foreach ($fieldIsValid as $field => $valid) {
        if (!$valid) {
            $this->errorArray[$field] = true;
        }
    }

    // The verdict is read from errorArray itself, so entries that were
    // already present before this call also make the result false.
    return count($this->errorArray) == 0;
}
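/**
 * Validate a user's login details
 *
 * Looks the username up in gl_user, compares the stored password hash with
 * the salted hash of the supplied password and, on a match, stores the
 * user's identity in $_SESSION.
 *
 * @param string $uname The username supplied by the client
 * @param string $pword The plain-text password supplied by the client
 *
 * @return Boolean True if the credentials match, False otherwise
 *
 */
public static function checkUserDetails($uname, $pword)
{
    // Refuse to continue unless both inputs pass validation. Previously a
    // failed check left the value unset and the lookup still ran with an
    // undefined index.
    // NOTE(review): the username is validated with checkPassword(); confirm
    // that this is the intended rule for usernames.
    if (!isset($uname) || !TasksappValidator::checkPassword($uname)) {
        return False;
    }
    if (!isset($pword) || !TasksappValidator::checkPassword($pword)) {
        return False;
    }

    $mysql = new PDOConfig();
    $query = $mysql->prepare("SELECT user_id, username, password from gl_user WHERE username=:username LIMIT 1");
    $query->execute(array(':username' => $uname));

    $rows = $query->fetchAll();
    if (count($rows) === 0) {
        return False;
    }
    $row = $rows[0];

    // The computed hash is no longer printed: the removed debug output sent
    // the salted password hash to the client and also emitted output before
    // any later header() call.
    //
    // NOTE(review): unsalted-per-user MD5 with one application-wide salt is
    // not a suitable password hash. Plan a migration to password_hash() /
    // password_verify(), re-hashing each account on its next successful login.
    $suppliedHash = md5(Config::mySalt . $pword);

    // Strict comparison for the username and hash_equals() for the hash:
    // loose == treats numeric-looking strings such as "0e123" and "0e456" as
    // equal, and hash_equals() also compares in constant time.
    if ((string) $uname !== (string) $row['username']
        || !hash_equals((string) $row['password'], $suppliedHash)
    ) {
        return False;
    }

    // Issue a fresh session id at the privilege change so that an id known
    // before login cannot be reused afterwards.
    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }

    $_SESSION['user_id'] = $row['user_id'];
    $_SESSION['username'] = $row['username'];
    // NOTE(review): the query above does not select usertype, so this is
    // NULL unless the column is added to the SELECT list. Confirm the column
    // name and add it there if the session is meant to carry the user type.
    $_SESSION['usertype'] = isset($row['usertype']) ? $row['usertype'] : NULL;

    return True;
}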
/**
 * Validate an importance value
 *
 * The input is accepted only when TasksappValidator::checkInteger() passes
 * and the value is one of the acceptable importance levels, 0 to 6.
 *
 * @param mixed $testInteger The importance to validate
 *
 * @return Bool
 *
 */
public static function checkImportance($testInteger)
{
    $allowedLevels = range(0, 6);

    // in_array() compares loosely here, so a numeric string such as "3"
    // matches the integer 3. The checkInteger() guard runs first.
    // NOTE(review): confirm checkInteger() rejects non-numeric strings;
    // before PHP 8 a non-numeric string compares loosely equal to 0.
    return TasksappValidator::checkInteger($testInteger)
        && in_array($testInteger, $allowedLevels);
}
/**
 * Check that the project's fields are safe to save to the database
 *
 * Every field is run through TasksappValidator. Each failing field is
 * flagged in $this->errorArray under its own name, so the caller can tell
 * the user which details need fixing.
 *
 * @return Bool True when every check passed, False if any failed
 *
 */
public function verifyData()
{
    $validity = array(
        // project_id may be absent: a value that loosely equals NULL is
        // accepted even when checkId() rejects it.
        'project_id' => TasksappValidator::checkId($this->project_id)
            || $this->project_id == NULL,
        'client_id'  => TasksappValidator::checkId($this->client_id),
        'name'       => TasksappValidator::checkString($this->name),
        // notes is deliberately not validated: anything may be stored there
        // as long as it is escaped correctly. That makes correct escaping of
        // notes wherever it is written or displayed the only protection.
        'importance' => TasksappValidator::checkImportance($this->importance),
        'done'       => TasksappValidator::checkDone($this->done),
    );

    $returnValue = True;
    foreach ($validity as $field => $passed) {
        if ($passed) {
            continue;
        }
        $this->errorArray[$field] = True;
        $returnValue = False;
    }

    return $returnValue;
}
<?php
// Controller for the edit-action form. With an integer id it loads the
// stored action for display; otherwise it builds an action from $_POST,
// saves it if it validates, and redirects to the captured URL.
// Variable names are kept as they are because the included view runs in
// this scope and may read them.
$actionID = $this->id();
Command::captureUrl();

if (!TasksappValidator::checkInteger($actionID)) {
    // No usable id: treat the request as a form submission.
    $action = new Action($_POST);
    if ($action->verifyActionData()) {
        $action->save();
        // NOTE(review): confirm retrieveUrl() can only return a same-site
        // URL, since its value goes straight into the Location header.
        header("Location: " . Command::retrieveUrl());
        exit;
    }
    // Validation failed: fall through and re-display the form.
} else {
    $db = Database::getInstance();
    // NOTE(review): nothing visible here ties the requested action to the
    // signed-in user; confirm getActionByActionID() scopes by owner.
    $inputArray = $db->getActionByActionID($actionID);
    // NOTE(review): index 0 is read without checking that a row came back;
    // an unknown id would leave $action empty and break client_id() below.
    $action = $inputArray[0];
}

$projectsArray = Command::getProjectList($action->client_id());
include_once '../views/showEditActionForm.php';
/**
 * Return an array of a client's current projects
 *
 * Queries the database for the projects in scope of the given client and
 * builds an array of project_id => name pairs. Key 1 is preset to "@inbox".
 * The result is returned to the calling script, mainly so that all of a
 * user's projects can be displayed using the ProjectContainer class.
 *
 * @param mixed $client_id The client whose projects are listed
 *
 * @return Array
 *
 */
public static function getProjectList($client_id)
{
    $db = Database::getInstance();

    // The inbox entry always exists. A stored project whose id is 1 would
    // replace this label in the loop below.
    $projectsArray = array(1 => "@inbox");

    foreach ($db->getProjectsInScope($client_id) as $project) {
        // The id is passed through intval() before the integer check, so the
        // check sees an integer whatever the stored value was.
        if (!TasksappValidator::checkInteger(intval($project->project_id()))) {
            continue;
        }
        if (!TasksappValidator::checkString($project->name())) {
            continue;
        }
        $projectsArray[$project->project_id()] = $project->name();
    }

    return $projectsArray;
}