/**
* Validate data settings
* See also sumo_settings_data() in libs/lib.core.php
*/
function sumo_validate_data_settings($data = array(), $message = FALSE)
{
$elements = count($data);
$err = FALSE;
if ($elements > 0) {
for ($d = 0; $d < $elements; $d++) {
if ($data[$d][2] == 1 || $data[$d][2] == 0 && $data[$d][1]) {
switch ($data[$d][0]) {
case 'date_format':
if (!ereg("[BdDFjlLmMnrStTwWYyz:\\./\\-]+", $data[$d][1])) {
$err = 'W06011C';
}
break;
case 'time_format':
if (!ereg("[aABgGhHiIOrsTU.:-]+", $data[$d][1])) {
$err = 'W06010C';
}
break;
case 'admin_name':
if (!preg_match('/^[a-z0-9' . SUMO_REGEXP_ALLOWED_CHARS . '\'\\/\\\\_\\-\\ ]{0,50}$/i', $data[$d][1])) {
$err = 'W06012C';
}
break;
case 'accounts.life':
if ($data[$d][1] < 0) {
$err = 'W06001C';
}
break;
case 'accounts.registration.life':
if ($data[$d][1] < 1) {
$err = 'W06007C';
}
break;
// see also sumo_validate_data_accesspoint()
// see also sumo_validate_data_accesspoint()
case 'accesspoints.name':
$languages = sumo_get_available_languages();
for ($l = 0; $l < count($languages); $l++) {
if (!preg_match("/^[a-z0-9\\-\\_\\.\\=\\&\\/\\\\'\\ " . SUMO_REGEXP_ALLOWED_CHARS . "]{5,128}\$/i", $data[$d][1][$languages[$l]])) {
$err = 'W00031C';
}
}
break;
// see also sumo_validate_data_accesspoint()
// see also sumo_validate_data_accesspoint()
case 'accesspoints.group':
if (!sumo_validate_group($data[$d][1], FALSE)) {
$err = 'W07002C';
}
break;
// see also sumo_validate_data_accesspoint()
// see also sumo_validate_data_accesspoint()
case 'accesspoints.theme':
if (!in_array($data[$d][1], sumo_get_available_themes())) {
$err = 'W00033C';
}
break;
case 'security.banned_time':
if ($data[$d][1] < 5) {
$err = 'W06002C';
}
break;
case 'security.max_login_attempts':
if ($data[$d][1] < 3) {
$err = 'W06004C';
}
break;
case 'connections.timeout':
if ($data[$d][1] < 10) {
$err = 'W06005C';
}
break;
case 'sessions.timeout':
if ($data[$d][1] < 60) {
$err = 'W06006C';
}
break;
case 'database.optimize_hits':
if ($data[$d][1] < 100) {
$err = 'W06008C';
}
break;
case 'logs.life':
if ($data[$d][1] < 0) {
$err = 'W06003C';
}
break;
case 'logs.file.size':
if ($data[$d][1] < 32) {
$err = 'W06005C';
}
break;
case 'language':
if (!in_array($data[$d][1], sumo_get_available_languages())) {
$err = 'W00021C';
}
break;
case 'email':
if (!sumo_validate_email($data[$d][1])) {
$err = 'W00007C';
}
break;
case 'boolean':
if ($data[$d][1] != 0 && $data[$d][1] != 1) {
$err = 'W00032C';
}
break;
default:
$err = 'W00019C';
break;
}
if ($err) {
break;
}
}
}
if ($message) {
if (!$err) {
return array(TRUE, '');
} else {
return array(FALSE, sumo_get_message($err) . "<br>[expect:" . $data[$d][0] . "]");
}
} else {
if (!$err) {
return TRUE;
} else {
return FALSE;
}
}
} else {
return FALSE;
}
}
/**
* Update user group
*/
function sumo_update_user_group($id = 0, $group = FALSE)
{
$group_level = explode(":", $group);
$id = intval($id);
if ($id > 0 && sumo_validate_group($group) && sumo_verify_permissions($group_level[1], $group_level[0])) {
global $SUMO;
$query1 = "SELECT usergroup FROM " . SUMO_TABLE_USERS . "\n\t\t\t\t WHERE id=" . $id;
$rs = $SUMO['DB']->Execute($query1);
$tab = $rs->FetchRow();
$new_group = sumo_get_normalized_group(str_replace($group, '', $tab[0]));
$query2 = "UPDATE " . SUMO_TABLE_USERS . "\n\t\t\t\t SET usergroup='" . $new_group . "',\n\t\t\t\t \t\tmodified=" . $SUMO['server']['time'] . "\n\t\t\t\t WHERE id=" . $id;
$SUMO['DB']->CacheFlush("SELECT * FROM " . SUMO_TABLE_USERS . "\n\t\t\t\t\t\t \t\t WHERE id=" . $id);
$SUMO['DB']->Execute($query1);
$SUMO['DB']->Execute($query2);
sumo_write_log('I01002X', array($group, $id, $SUMO['user']['user']), '0,1', 3, 'system', FALSE);
return TRUE;
} else {
return FALSE;
}
}
/**
* Validate data
*
* See sumo_validate_data_<module name> for specific validation
* into library module
*
* @author Alberto Basso <*****@*****.**>
*/
function sumo_validate_data($data = array(), $message = FALSE)
{
$elements = count($data);
$err = FALSE;
if ($elements > 0) {
for ($d = 0; $d < $elements; $d++) {
if ($data[$d][2] || !$data[$d][2] && $data[$d][1]) {
switch ($data[$d][0]) {
// the "user" can be also an e-mail address
case 'username':
if (!preg_match('/^[a-z0-9' . SUMO_REGEXP_ALLOWED_CHARS . ']{3,100}$/i', $data[$d][1]) && !sumo_validate_email($data[$d][1])) {
$err = 'W00006C';
}
break;
case 'name':
if (!preg_match("/^[a-z" . SUMO_REGEXP_ALLOWED_CHARS . "\\&\\;\\\\'\\ ]{1,49}\$/i", $data[$d][1])) {
$err = 'W00022C';
}
break;
case 'password':
if (!preg_match('/^[\\.a-z0-9]{40}$/i', $data[$d][1])) {
$err = 'W00011C';
}
// for sha1 string
break;
case 'email':
if (!sumo_validate_email($data[$d][1])) {
$err = 'W00007C';
}
break;
case 'active':
if (!preg_match('/^[0-1]{1}$/', $data[$d][1])) {
$err = 'W00018C';
}
break;
case 'ip':
$ip = sumo_get_iprange($data[$d][1]);
for ($i = 0; $i < count($ip); $i++) {
if (!sumo_validate_ip($ip[$i])) {
$err = 'W00016C';
}
break;
}
break;
case 'usergroup':
if (!sumo_validate_group($data[$d][1])) {
$err = 'W00017C';
}
break;
case 'datasource_id':
$ds = sumo_get_datasource_info($data[$d][1], false);
if (empty($ds)) {
$err = 'W00023C';
}
break;
case 'hostname':
if (!preg_match('/[a-z0-9\\.\\_\\-]{3,255}$/i', $data[$d][1])) {
$err = 'W00025C';
}
break;
case 'port':
if ($data[$d][1] < 1 || $data[$d][1] > 65535) {
$err = 'W00026C';
}
break;
case 'ldap_base':
if (!preg_match('/^[a-z0-9\\.\\,\\:\\;\\_\\-\\=\\\\/\\+\\*\\ ' . SUMO_REGEXP_ALLOWED_CHARS . ']{4,255}$/i', $data[$d][1])) {
$err = 'W00027C';
}
break;
case 'new_password':
if (!sumo_validate_data(array(array('password', $data[$d][1][0])))) {
$err = 'W00011C';
}
if ($data[$d][1][0] != $data[$d][1][1]) {
$err = 'W00024C';
}
break;
// Joomla
// Joomla
case 'new_password2':
if ($data[$d][1][0] != $data[$d][1][1]) {
$err = 'W00024C';
}
break;
case 'day_limit':
if (!preg_match('/^[0-9]{1,4}$/', $data[$d][1])) {
$err = 'W00020C';
}
break;
case 'language':
if (!in_array($data[$d][1], sumo_get_available_languages())) {
$err = 'W00021C';
}
break;
case 'id':
// INT = 256^4-1
if ($data[$d][1] < 1 || $data[$d][1] > 4294967296) {
$err = 'W00029C';
}
break;
default:
$err = 'W00019C';
break;
}
if ($err) {
break;
}
}
}
if ($message) {
return !$err ? array(TRUE, '') : array(FALSE, sumo_get_message($err));
} else {
return !$err ? TRUE : FALSE;
}
} else {
return FALSE;
}
}
/**
* Validate data accesspoint
* See also sumo_validate_data() in libs/lib.core.php
*
* @author Alberto Basso
*/
function sumo_validate_accesspoint_data($data = array(), $message = FALSE)
{
$elements = count($data);
$err = FALSE;
if ($elements > 0) {
for ($d = 0; $d < $elements; $d++) {
if ($data[$d][2] == 1 || $data[$d][2] == 0 && $data[$d][1]) {
switch ($data[$d][0]) {
case 'id':
// INT = 256^4-1
if ($data[$d][1] < 1 || $data[$d][1] > 4294967296) {
$err = 'W00029C';
}
break;
case 'path':
if (!preg_match("/^(\\/)+[_\\.\\/a-z0-9-]{1,}(\\.){1}(php|php4|php5|html|htm|asp|pl|jsp){1}\$/i", $data[$d][1])) {
$err = 'W07003C';
}
break;
case 'node':
if ($data[$d][1] < 1 || $data[$d][1] > 4294967296) {
$err = 'W07004C';
}
break;
case 'name':
$languages = sumo_get_available_languages();
for ($l = 0; $l < count($languages); $l++) {
if (!preg_match("/^[-a-z0-9_\\.\\=\\&\\/\\'" . SUMO_REGEXP_ALLOWED_CHARS . " ]{5,128}\$/i", $data[$d][1][$languages[$l]])) {
$err = 'W00031C';
}
}
break;
case 'usergroup':
if (!sumo_validate_group($data[$d][1], FALSE)) {
$err = 'W07002C';
}
break;
case 'reg_group':
if (!sumo_validate_group($data[$d][1], FALSE)) {
$err = 'W07005C';
}
break;
case 'boolean':
if ($data[$d][1] != 0 && $data[$d][1] != 1) {
$err = 'W00032C';
}
break;
case 'theme':
if (!in_array($data[$d][1], sumo_get_available_themes())) {
$err = 'W00033C';
}
break;
default:
$err = 'W00019C';
break;
}
if ($err) {
break;
}
}
}
if ($message) {
return !$err ? array(TRUE, '') : array(FALSE, sumo_get_message($err));
} else {
return !$err ? TRUE : FALSE;
}
} else {
return FALSE;
}
}
