/**
 * Inverse of the parent validator: succeeds only when the parent check fails.
 *
 * NOTE(review): when the parent check fails it may already have recorded its
 * own failure message, which would then stay on this validator even though
 * true is returned - confirm against the parent class.
 *
 * @param  mixed $value Value handed unchanged to parent::isValid().
 *
 * @return boolean True when the parent rejects $value; false, with the
 *                 Are_Equal error recorded, when the parent accepts it.
 */
public function isValid($value)
 {
     if (parent::isValid($value)) {
         // The parent accepted the value, which is the failure case here.
         $this->_error(self::Are_Equal);
         return false;
     }
     return true;
 }
Exemple #2
 /**
  * An array handed to the constructor is read as options: its 'token' entry
  * (123) becomes the token, so the array itself does not validate.
  *
  * Worth remembering when the constructor argument comes from request data,
  * where a parameter can arrive as an array instead of a string.
  */
 public function testValidatingTokenArray()
 {
     $identical = new Zend_Validate_Identical(array('token' => 123));
     // The bare value equals the configured token.
     $this->assertTrue($identical->isValid(123));
     // The options-shaped array is not the token.
     $this->assertFalse($identical->isValid(array('token' => 123)));
 }
Exemple #3
         $errors['username'] = '******' . $_POST['username'] . ' already exists' . '</p>';
     }
 }
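 // Validate password
 //
 // $length is created before this excerpt and only its minimum is set here, so
 // the 15-character maximum named in the message is assumed to be configured
 // earlier - TODO confirm.
 // NOTE(review): Zend_Validate_Alnum forbids punctuation and spaces, and a
 // 15-character cap further narrows the password space. Prefer a minimum
 // length without a character-set restriction.
 $length->setMin(8);
 $val = new Zend_Validate();
 $val->addValidator($length);
 $val->addValidator(new Zend_Validate_Alnum());
 if (!$val->isValid($_POST['password'])) {
     $errors['password'] = '******' . 'Password must be 8-15 characters' . '</p>';
 }
 // Confirm passwords
 //
 // Zend_Validate_Identical reads an array argument as options rather than as
 // the token. Presumably the chain above has already rejected a non-string
 // password, so $errors is non-empty in that case - confirm.
 $val = new Zend_Validate_Identical($_POST['password']);
 if (!$val->isValid($_POST['conf_password'])) {
     $errors['conf_password'] = '******' . 'Passwords don\'t match' . '</p>';
 }
 // Validate email
 //
 $val = new Zend_Validate_EmailAddress();
 if (!$val->isValid($_POST['email'])) {
     $errors['email'] = '<p class="add_user_error">' . 'Invalid email address' . '</p>';
 }
 // If all data validated, then add new user
 //
 if (!$errors) {
     // first_name and surname are stored as received; nothing in this excerpt
     // validates them, so they must be escaped wherever they are later output.
     //
     // NOTE(review): sha1() is a fast, unsalted digest and is not suitable for
     // password storage. Move to password_hash()/password_verify() together
     // with the login check that reads this column. It is not swapped here
     // because that code and the column definition are outside this excerpt.
     $data = array(
         'first_name' => $_POST['first_name'],
         'surname' => $_POST['surname'],
         'username' => $_POST['username'],
         'email' => $_POST['email'],
         'password' => sha1($_POST['password']),
     );
     // $dbWrite is presumably a Zend_Db adapter, whose insert() binds the
     // values as parameters - verify where it is created.
     $dbWrite->insert('users', $data);
     header('Location: login.php');
     // A Location header does not stop the script, so end the request here
     // rather than running whatever follows the redirect.
     exit;
 }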
 /**
  * With 'strict' => false the integer token 123 matches the string '123'.
  * Once strict mode is switched back on, an options-shaped array is rejected.
  */
 public function testValidatingNonStrictToken()
 {
     $options = array('token' => 123, 'strict' => false);
     $identical = new Zend_Validate_Identical($options);
     // Loose comparison: '123' is accepted for the integer token 123.
     $this->assertTrue($identical->isValid('123'));
     $identical->setStrict(true);
     $this->assertFalse($identical->isValid(array('token' => '123')));
 }
Exemple #5
 /**
  * Defined by Zend_Validate_Interface
  *
  * Returns true if and only if a token has been set and the provided value
  * matches that token.
  *
  * @param  mixed $value
  * @param  mixed $context
  *
  * @return boolean
  */
 public function isValid($value, $context = null)
 {
     // When a field name is configured and the context carries a value for
     // it, that value replaces the token before the parent comparison runs.
     // The context is typically the other submitted form values, so the
     // token is then caller-supplied rather than server-chosen.
     if ($this->_field !== null) {
         $fieldName = $this->getField();
         if (isset($context[$fieldName])) {
             $this->setToken($context[$fieldName]);
         }
     }
     return parent::isValid($value, $context);
 }
 /**
  * Validates the input string against a list of valid recipients.
  *
  * @param string $input The input to be validated as a recipient.
  *
  * @return bool True if input string is a valid recipient, otherwise
  *              False.
  */
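 public function isValid($input)
 {
     $auditor = ESAPI::getAuditor('App_Validate_Recipient');
     // Only a string can name a recipient; anything else is rejected and logged.
     if (!is_string($input)) {
         $auditor->warning(Auditor::SECURITY, false, 'isValid expects a string!');
         $this->_error(self::INVALID);
         return false;
     }
     // Without a Zend_Config allow-list there is nothing to compare against.
     if ($this->_recipients instanceof Zend_Config !== true) {
         $this->_error(self::INVALID_RECIPIENT);
         $auditor->warning(Auditor::SECURITY, false, 'isValid requires an array of recipients!');
         return false;
     }
     $encoder = ESAPI::getEncoder();
     // Canonicalise the input string. The catch block's message shows that an
     // exception here means double or mixed encoding was detected, so the
     // input is rejected instead of being compared in encoded form.
     $canonical = null;
     try {
         $canonical = $encoder->canonicalize($input, true);
     } catch (Exception $e) {
         // Process the input no further.
         $this->_error(self::INVALID_RECIPIENT);
         $auditor->warning(Auditor::SECURITY, false, 'isValid rejected a string in which double or mixed encoding was detected.', $e);
         return false;
     }
     // Convert input to lower case.
     // mb_detect_encoding() returns false when it cannot decide on an encoding.
     // Fail closed in that case rather than pass false on as an encoding name.
     $charEnc = mb_detect_encoding($canonical);
     if ($charEnc === false) {
         $this->_error(self::INVALID_RECIPIENT);
         $auditor->warning(Auditor::SECURITY, false, 'isValid rejected a string whose character encoding could not be detected.');
         return false;
     }
     $canonicalLower = mb_strtolower($canonical, $charEnc);
     // Get a whitespace removal filter (it strips plain spaces only).
     $whitespace = new Zend_Filter_PregReplace(array('match' => '/ /', 'replace' => ''));
     // For each valid recipient, use an identical validator to determine
     // whether the lower-cased input matches the recipient's 'display' value,
     // either as configured or with its spaces removed.
     $validator = new Zend_Validate_Identical();
     foreach ($this->_recipients as $_ => $cfg) {
         foreach ($cfg as $key => $validRecipient) {
             if ($key !== 'display') {
                 continue;
             }
             $charEnc = mb_detect_encoding($validRecipient . '');
             if ($charEnc === false) {
                 // An allow-list entry that cannot be lower-cased reliably can
                 // never be matched, so skip it.
                 continue;
             }
             $validRecipientL = mb_strtolower($validRecipient, $charEnc);
             $validRecipientS = $whitespace->filter($validRecipientL);
             $validator->setToken($validRecipientL);
             if ($validator->isValid($canonicalLower)) {
                 return true;
             }
             $validator->setToken($validRecipientS);
             if ($validator->isValid($canonicalLower)) {
                 return true;
             }
         }
     }
     // If that fails, the form has been tampered with or a dummy option has
     // been selected - check for the latter of these now. The array keys of
     // $_dummyRecipients are the dummy values to compare against.
     foreach ($this->_dummyRecipients as $dummy => $value) {
         $charEnc = mb_detect_encoding($dummy . '');
         if ($charEnc === false) {
             continue;
         }
         $dummyL = mb_strtolower($dummy, $charEnc);
         $dummyS = $whitespace->filter($dummyL);
         $validator->setToken($dummyL);
         if ($validator->isValid($canonicalLower)) {
             $this->_error(self::DUMMY_RECIPIENT);
             return false;
         }
         $validator->setToken($dummyS);
         if ($validator->isValid($canonicalLower)) {
             $this->_error(self::DUMMY_RECIPIENT);
             return false;
         }
     }
     // Neither a valid nor a dummy recipient: treat as tampering and log it.
     // NOTE(review): the rejected input is written into the audit message, so
     // the auditor must neutralise CR/LF and markup in it - confirm.
     $auditor->warning(Auditor::SECURITY, false, "isValid. Input [{$canonicalLower}] is not a valid recipient.");
     $this->_error(self::INVALID_RECIPIENT);
     return false;
 }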
 /**
  * Validates the POST half of a double submit cookie against the COOKIE half
  * and both against string length and character set constraints.
  *
  * @param string $value The POST half of a double submit cookie, for example
  *                      from a hidden HTML form field.
  *
  * @return bool True if both halves pass the length and character set checks
  *              and are identical, otherwise false.
  */
 public function isValid($value)
 {
     $auditor = ESAPI::getAuditor('App_Validate_Token');
     // Canonicalise the POST half and remember it as the value under test.
     $postToken = ESAPI::getEncoder()->canonicalize($value, false);
     $this->_setValue($postToken);

     // Min and max are both the expected length, so only exact-length tokens
     // pass. The same validator is reused for the cookie half below.
     $lengthCheck = new Zend_Validate_StringLength($this->_expectedLen, $this->_expectedLen);
     if ($lengthCheck->isValid($postToken) !== true) {
         $this->_error(self::POST_BAD_LENGTH);
         $auditor->warning(Auditor::SECURITY, false, $this->_messageTemplates[self::POST_BAD_LENGTH]);
         return false;
     }

     $charsetCheck = new Custom_Validate_Charset($this->_expectedCharset);
     if ($charsetCheck->isValid($postToken) !== true) {
         $this->_error(self::POST_BAD_CHARSET);
         $auditor->warning(Auditor::SECURITY, false, $this->_messageTemplates[self::POST_BAD_CHARSET]);
         return false;
     }

     // Fetch the COOKIE half from the current request and canonicalise it
     // the same way as the POST half.
     $front = Zend_Controller_Front::getInstance();
     $request = $front->getRequest();
     $rawCookie = $request->getCookie($this->_cookieName);
     $cookieToken = ESAPI::getEncoder()->canonicalize($rawCookie, false);
     // Assumes canonicalize() hands back null for an absent cookie - TODO confirm.
     if ($cookieToken === null) {
         $this->_error(self::MISSING_COOKIE);
         $auditor->warning(Auditor::SECURITY, false, $this->_messageTemplates[self::MISSING_COOKIE]);
         return false;
     }
     if ($lengthCheck->isValid($cookieToken) !== true) {
         $this->_error(self::COOKIE_BAD_LENGTH);
         $auditor->warning(Auditor::SECURITY, false, $this->_messageTemplates[self::COOKIE_BAD_LENGTH]);
         return false;
     }
     if ($charsetCheck->isValid($cookieToken) !== true) {
         $this->_error(self::COOKIE_BAD_CHARSET);
         $auditor->warning(Auditor::SECURITY, false, $this->_messageTemplates[self::COOKIE_BAD_CHARSET]);
         return false;
     }

     // Both halves are well-formed; they must now be identical.
     // NOTE(review): Zend_Validate_Identical uses an ordinary equality test,
     // not a constant-time one; consider hash_equals() where the PHP version
     // allows. A plain double-submit token is also only as trustworthy as the
     // cookie, since nothing visible here binds it to the session.
     $matcher = new Zend_Validate_Identical($this->_value);
     if ($matcher->isValid($cookieToken) !== true) {
         $this->_error(self::TOKENS_DIFFER);
         $auditor->warning(Auditor::SECURITY, false, $this->_messageTemplates[self::TOKENS_DIFFER]);
         return false;
     }
     return true;
 }
 /**
  * Validates the password
  *
  * @return boolean
  */
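 protected function _validatePassword()
 {
     // Digit, lowercase and uppercase requirements are all switched off, so
     // only whatever else PasswordStrength checks still applies.
     // NOTE(review): confirm this relaxation is intended.
     $validator = new Sanmax_Validate_PasswordStrength();
     $validator->setRequireDigit(false)->setRequireLowercase(false)->setRequireUppercase(false);
     $msg = Sanmax_MessageStack::getInstance('SxCms_User');
     if (!$validator->isValid($this->_user->getPassword())) {
         $msg->addMessage('password', $validator->getMessages());
         return false;
     }
     // The repeated password must equal the chosen one.
     $validator = new Zend_Validate_Identical($this->_user->getPassword());
     if (!$validator->isValid($this->_passwordRepeat)) {
         $msg->addMessage('password_repeat', $validator->getMessages(), 'password');
         // Fail here explicitly. The expression below yields false only when
         // BOTH message groups are non-empty, so a mismatch on its own could
         // otherwise be reported as valid.
         return false;
     }
     // Kept as in the original: false only when the stack holds messages for
     // both 'password' and 'password_repeat' (for instance from earlier calls).
     return false == ($msg->getMessages('password') && $msg->getMessages('password_repeat'));
 }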