/** * Checks sent form. Returns true on success, an (X)HTML error message on failure. * * @param string $id A form ID. * * @return mixed * * @global array The configuration of the plugins. * @global array The localization of the plugins. */ function Advancedform_check($id) { global $plugin_cf, $plugin_tx; $pcf = $plugin_cf['advancedform']; $ptx = $plugin_tx['advancedform']; $o = ''; $forms = Advancedform_db(); $form = $forms[$id]; foreach ($form['fields'] as $field) { $name = 'advfrm-' . $field['field']; if ($field['type'] != 'file' && $field['type'] != 'multi_select' && empty($_POST[$name]) || $field['type'] == 'file' && empty($_FILES[$name]['name']) || $field['type'] == 'multi_select' && (!isset($_POST[$name]) || count($_POST[$name]) == 1 && empty($_POST[$name][0]))) { if ($field['required']) { $o .= '<li>' . sprintf($ptx['error_missing_field'], Advancedform_hsc($field['label'])) . '</li>' . PHP_EOL; Advancedform_focusField($id, $name); } } else { switch ($field['type']) { case 'from': case 'mail': if (!preg_match($pcf['mail_regexp'], stsl($_POST[$name]))) { $o .= '<li>' . sprintf($ptx['error_invalid_email'], Advancedform_hsc($field['label'])) . '</li>' . PHP_EOL; Advancedform_focusField($id, $name); } break; case 'date': $pattern = '/^([0-9]+)\\' . $ptx['date_delimiter'] . '([0-9]+)\\' . $ptx['date_delimiter'] . '([0-9]+)$/'; $matched = preg_match($pattern, stsl($_POST[$name]), $matches); if (count($matches) == 4) { $month = $matches[strpos($ptx['date_order'], 'm') + 1]; $day = $matches[strpos($ptx['date_order'], 'd') + 1]; $year = $matches[strpos($ptx['date_order'], 'y') + 1]; } if (!$matched || !checkdate($month, $day, $year)) { $o .= '<li>' . sprintf($ptx['error_invalid_date'], Advancedform_hsc($field['label'])) . '</li>' . PHP_EOL; Advancedform_focusField($id, $name); } break; case 'number': if (!ctype_digit(stsl($_POST[$name]))) { $o .= '<li>' . sprintf($ptx['error_invalid_number'], Advancedform_hsc($field['label'])) . '</li>' . PHP_EOL; Advancedform_focusField($id, $name); } break; case 'file': $props = explode("¦", $field['props']); switch ($_FILES[$name]['error']) { case UPLOAD_ERR_OK: if (!empty($props[ADVFRM_PROP_MAXLEN]) && $_FILES[$name]['size'] > $props[ADVFRM_PROP_MAXLEN]) { $o .= '<li>' . sprintf($ptx['error_upload_too_large'], Advancedform_hsc($field['label'])) . '</li>' . PHP_EOL; Advancedform_focusField($id, $name); } break; case UPLOAD_ERR_INI_SIZE: case UPLOAD_ERR_FORM_SIZE: $o .= '<li>' . sprintf($ptx['error_upload_too_large'], Advancedform_hsc($field['label'])) . '</li>' . PHP_EOL; Advancedform_focusField($id, $name); break; default: $o .= '<li>' . sprintf($ptx['error_upload_general'], Advancedform_hsc($field['label'])) . '</li>' . PHP_EOL; Advancedform_focusField($id, $name); } $ext = pathinfo($_FILES[$name]['name'], PATHINFO_EXTENSION); if (!empty($props[ADVFRM_PROP_FTYPES]) && !in_array($ext, explode(',', $props[ADVFRM_PROP_FTYPES]))) { $o .= '<li>' . sprintf($ptx['error_upload_illegal_ftype'], Advancedform_hsc($field['label']), Advancedform_hsc($ext)) . '</li>' . PHP_EOL; Advancedform_focusField($id, $name); } break; case 'custom': $props = explode("¦", $field['props']); $pattern = $props[ADVFRM_PROP_CONSTRAINT]; if (!empty($pattern) && !preg_match($pattern, stsl($_POST[$name]))) { $msg = empty($props[ADVFRM_PROP_ERROR_MSG]) ? $ptx['error_invalid_custom'] : $props[ADVFRM_PROP_ERROR_MSG]; $o .= '<li>' . sprintf($msg, $field['label']) . '</li>' . PHP_EOL; Advancedform_focusField($id, $name); } } if (function_exists('advfrm_custom_valid_field')) { $value = $field['type'] == 'file' ? $_FILES[$name] : stsl($_POST[$name]); $valid = advfrm_custom_valid_field($id, $field['field'], $value); if ($valid !== true) { $o .= '<li>' . $valid . '</li>' . PHP_EOL; Advancedform_focusField($id, $name); } } } } if ($form['captcha']) { if (!call_user_func($pcf['captcha_plugin'] . '_captcha_check')) { $o .= '<li>' . $ptx['error_captcha_code'] . '</li>' . PHP_EOL; Advancedform_focusField($id, 'advancedform-captcha'); } } return $o == '' ? true : '<ul class="advfrm-error">' . PHP_EOL . $o . '</ul>' . PHP_EOL; }
/** * Validates a filled in field wrt. custom constraints. * * @return string (X)HTML. */ protected function validateFilledInFieldCustom() { $o = ''; if (function_exists('advfrm_custom_valid_field')) { $value = $this->field->getType() == 'file' ? $_FILES[$this->name] : stsl($_POST[$this->name]); $valid = advfrm_custom_valid_field($this->formId, $this->field->getName(), $value); if ($valid !== true) { $o .= '<li>' . $valid . '</li>' . PHP_EOL; Controller::focusField($this->formId, $this->name); } } return $o; }