if ($field['Required']) {
?>
<span style="color: #FF0000;">*</span><?php
}
?>
</td>
<?php
if ($confirm || $finished) {
if ($field['ValFunction'] == 31) {
// credit card number
?>
<td><?php
echo ccMaskNumber($_POST[$field['GFID']]);
?>
(<?php
echo ccCalculateType($_POST[$field['GFID']]);
?>
)
<?php
if (!$finished) {
?>
<input name="<?php
echo $field['GFID'];
?>
" type="hidden" id="<?php
echo $field['GFID'];
?>
" value="<?php
echo ccEncrypt($_POST[$field['GFID']]);
?>
" <?php
// text field
?>
<tr valign="top">
<td width="<?php
echo $group['CaptWidth'];
?>
"><?php
echo $field['Caption'];
?>
</td>
<td><?php
echo $rego[$field['UID']];
if ($field['ValFunction'] == 31) {
?>
(<?php
echo ccCalculateType($rego[$field['UID']]);
?>
)<?php
}
?>
</td>
</tr>
<?php
break;
case 3:
// text area
?>
<tr valign="top">
<td width="<?php
echo $group['CaptWidth'];
?>
function vfValidate($valFunction, &$fieldValue, &$message, $db = NULL, $acceptedCards = "")
{
switch ($valFunction) {
case 11:
// numeric only
$valid = preg_match("/^[0-9]+\$/", $fieldValue);
if (!$valid) {
$message = "Must only contain numbers.";
}
return $valid;
break;
case 12:
// numeric only (including spaces and dashes)
$valid = preg_match("/^[0-9\\ \\-]+\$/", $fieldValue);
if (!$valid) {
$message = "Must only contain numbers, spaces and dashes.";
}
return $valid;
break;
case 13:
// phone number (characters and basic syntax)
$valid = preg_match("/^(\\+[0-9]{1,3}\\ ?)?(\\([0-9]+\\)\\ ?)?[0-9][0-9\\ \\-]+\$/", $fieldValue);
if (!$valid) {
$message = "Invalid phone number.";
}
return $valid;
break;
case 14:
// email address (syntax only)
$valid = preg_match("/^([_a-z0-9-]+)(\\.[_a-z0-9-]+)*@([a-z0-9-]+)(\\.[a-z0-9-]+)*(\\.[a-z]{2,6})\$/i", $fieldValue);
if (!$valid) {
$message = "Invalid email address.";
}
return $valid;
break;
case 15:
// web site/page (syntax only)
$valid = preg_match("/^(https?:\\/\\/)?([a-z0-9-]+)(\\.[a-z0-9-]+)*(\\.[a-z]{2,6})(:[0-9]{1,5})?\\/?/i", $fieldValue);
if (!$valid) {
$message = "Invalid website.";
}
return $valid;
break;
case 21:
// registered username
$rsVal = $db->Execute("SELECT MemberName " . "FROM " . $GLOBALS['DB_PREFIX'] . "Member " . "WHERE MemberName = '" . $fieldValue . "'");
if ($valid = $val = $rsVal->FetchRow()) {
// correct case of field value by retrieving it from database
$fieldVal = $val['MemberName'];
} else {
$message = "Username not in database.";
}
return $valid;
break;
case 22:
// registered author
$rsVal = $db->Execute("SELECT CONCAT_WS(' ', FirstName, MiddleName, LastName) AS Author" . "FROM " . $GLOBALS['DB_PREFIX'] . "Member " . "WHERE CONCAT_WS(' ', FirstName, MiddleName, LastName) = '" . $fieldValue . "'");
if ($valid = $val = $rsVal->FetchRow()) {
// correct case of field value by retrieving it from database
$fieldVal = $val['Author'];
} else {
$message = "Author name not in database.";
}
return $valid;
break;
case 23:
// registered paper name
$rsVal = $db->Execute("SELECT Title " . "FROM " . $GLOBALS['DB_PREFIX'] . "Paper " . "WHERE Title = '" . $fieldValue . "'");
if ($valid = $val = $rsVal->FetchRow()) {
// correct case of field value by retrieving it from database
$fieldVal = $val['Title'];
} else {
$message = "Paper name not in database.";
}
return $valid;
break;
case 31:
// credit card number
// check card number syntax
if (($cardType = ccCalculateType($fieldValue)) !== false) {
// check if card is accepted
if (in_array($cardType, explode("|", $acceptedCards))) {
// check card number checkdigit
if (ccCheckNumber($fieldValue)) {
return true;
} else {
$message = "Invalid credit card number.";
return false;
}
} else {
$message = $cardType . " is not accepted.";
return false;
}
} else {
$message = "Invalid credit card number.";
return false;
}
break;
case 32:
// credit card expiry date
$valid = ccCheckExpiry($fieldValue, $message);
if (!$valid) {
$message = $message > "" ? $message : "Invalid expiry date.";
}
return $valid;
break;
default:
// invalid validation function, assume correct
return true;
break;
}
}
