/** * function to check if an error in Core( non-custom fields ) field * * @param String $errorMessage A string containing all the error-fields. * * @access public */ function isErrorInCoreData($params, &$errorMessage) { require_once 'CRM/Core/OptionGroup.php'; foreach ($params as $key => $value) { if ($value) { $session =& CRM_Core_Session::singleton(); $dateType = $session->get("dateTypes"); switch ($key) { case 'birth_date': if (CRM_Utils_Date::convertToDefaultDate($params, $dateType, $key)) { if (!CRM_Utils_Rule::date($params[$key])) { self::addToErrorMsg(ts('Birth Date'), $errorMessage); } } else { self::addToErrorMsg(ts('Birth-Date'), $errorMessage); } break; case 'deceased_date': if (CRM_Utils_Date::convertToDefaultDate($params, $dateType, $key)) { if (!CRM_Utils_Rule::date($params[$key])) { self::addToErrorMsg(ts('Deceased Date'), $errorMessage); } } else { self::addToErrorMsg(ts('Deceased Date'), $errorMessage); } break; case 'is_deceased': if (CRM_Utils_String::strtoboolstr($value) === false) { self::addToErrorMsg(ts('Is Deceased'), $errorMessage); } break; case 'gender': if (!self::checkGender($value)) { self::addToErrorMsg(ts('Gender'), $errorMessage); } break; case 'preferred_communication_method': $preffComm = array(); $preffComm = explode(',', $value); foreach ($preffComm as $v) { if (!self::in_value(trim($v), CRM_Core_PseudoConstant::pcm())) { self::addToErrorMsg(ts('Preferred Communication Method'), $errorMessage); } } break; case 'preferred_mail_format': if (!array_key_exists(strtolower($value), array_change_key_case(CRM_Core_SelectValues::pmf(), CASE_LOWER))) { self::addToErrorMsg(ts('Preferred Mail Format'), $errorMessage); } break; case 'individual_prefix': if (!self::in_value($value, CRM_Core_PseudoConstant::individualPrefix())) { self::addToErrorMsg(ts('Individual Prefix'), $errorMessage); } break; case 'individual_suffix': if (!self::in_value($value, CRM_Core_PseudoConstant::individualSuffix())) { self::addToErrorMsg(ts('Individual Suffix'), $errorMessage); } break; case 'state_province': if (!empty($value)) { foreach ($value as $stateValue) { if ($stateValue['state_province']) { if (self::in_value($stateValue['state_province'], CRM_Core_PseudoConstant::stateProvinceAbbreviation()) || self::in_value($stateValue['state_province'], CRM_Core_PseudoConstant::stateProvince())) { continue; } else { self::addToErrorMsg(ts('State / Province'), $errorMessage); } } } } break; case 'country': if (!empty($value)) { foreach ($value as $stateValue) { if ($stateValue['country']) { CRM_Core_PseudoConstant::populate($countryNames, 'CRM_Core_DAO_Country', true, 'name', 'is_active'); CRM_Core_PseudoConstant::populate($countryIsoCodes, 'CRM_Core_DAO_Country', true, 'iso_code'); $config =& CRM_Core_Config::singleton(); $limitCodes = $config->countryLimit(); //If no country is selected in //localization then take all countries if (empty($limitCodes)) { $limitCodes = $countryIsoCodes; } if (self::in_value($stateValue['country'], $limitCodes) || self::in_value($stateValue['country'], CRM_Core_PseudoConstant::country())) { continue; } else { if (self::in_value($stateValue['country'], $countryIsoCodes) || self::in_value($stateValue['country'], $countryNames)) { self::addToErrorMsg(ts('Country input value is in table but not "available": "This Country is valid but is NOT in the list of Available Countries currently configured for your site. This can be viewed and modifed from Global Settings >> Localization." '), $errorMessage); } else { self::addToErrorMsg(ts('Country input value not in country table: "The Country value appears to be invalid. It does not match any value in CiviCRM table of countries."'), $errorMessage); } } } } } break; case 'geo_code_1': if (!empty($value)) { foreach ($value as $codeValue) { if ($codeValue['geo_code_1']) { if (CRM_Utils_Rule::numeric($codeValue['geo_code_1'])) { continue; } else { self::addToErrorMsg(ts('Geo code 1'), $errorMessage); } } } } break; case 'geo_code_2': if (!empty($value)) { foreach ($value as $codeValue) { if ($codeValue['geo_code_2']) { if (CRM_Utils_Rule::numeric($codeValue['geo_code_2'])) { continue; } else { self::addToErrorMsg(ts('Geo code 2'), $errorMessage); } } } } break; //check for any error in email/postal greeting, addressee, //custom email/postal greeting, custom addressee, CRM-4575 //check for any error in email/postal greeting, addressee, //custom email/postal greeting, custom addressee, CRM-4575 case 'email_greeting': $emailGreetingFilter = array('contact_type' => $this->_contactType, 'greeting_type' => 'email_greeting'); if (!self::in_value($value, CRM_Core_PseudoConstant::greeting($emailGreetingFilter))) { self::addToErrorMsg(ts('Email Greeting must be one of the configured format options. Check Administer >> Option Lists >> Email Greetings for valid values'), $errorMessage); } break; case 'postal_greeting': $postalGreetingFilter = array('contact_type' => $this->_contactType, 'greeting_type' => 'postal_greeting'); if (!self::in_value($value, CRM_Core_PseudoConstant::greeting($postalGreetingFilter))) { self::addToErrorMsg(ts('Postal Greeting must be one of the configured format options. Check Administer >> Option Lists >> Postal Greetings for valid values'), $errorMessage); } break; case 'addressee': $addresseeFilter = array('contact_type' => $this->_contactType, 'greeting_type' => 'addressee'); if (!self::in_value($value, CRM_Core_PseudoConstant::greeting($addresseeFilter))) { self::addToErrorMsg(ts('Addressee must be one of the configured format options. Check Administer >> Option Lists >> Addressee for valid values'), $errorMessage); } break; case 'email_greeting_custom': if (array_key_exists('email_greeting', $params)) { $emailGreetingLabel = key(CRM_Core_OptionGroup::values('email_greeting', true, null, null, 'AND v.name = "Customized"')); if (CRM_Utils_Array::value('email_greeting', $params) != $emailGreetingLabel) { self::addToErrorMsg(ts('Email Greeting - Custom'), $errorMessage); } } break; case 'postal_greeting_custom': if (array_key_exists('postal_greeting', $params)) { $postalGreetingLabel = key(CRM_Core_OptionGroup::values('postal_greeting', true, null, null, 'AND v.name = "Customized"')); if (CRM_Utils_Array::value('postal_greeting', $params) != $postalGreetingLabel) { self::addToErrorMsg(ts('Postal Greeting - Custom'), $errorMessage); } } break; case 'addressee_custom': if (array_key_exists('addressee', $params)) { $addresseeLabel = key(CRM_Core_OptionGroup::values('addressee', true, null, null, 'AND v.name = "Customized"')); if (CRM_Utils_Array::value('addressee', $params) != $addresseeLabel) { self::addToErrorMsg(ts('Addressee - Custom'), $errorMessage); } } break; case 'home_URL': if (CRM_Utils_Rule::url($value) === false) { self::addToErrorMsg(ts('Website'), $errorMessage); } break; case 'do_not_email': case 'do_not_phone': case 'do_not_mail': case 'do_not_sms': case 'do_not_trade': if (CRM_Utils_Rule::boolean($value) == false) { $key = ucwords(str_replace("_", " ", $key)); self::addToErrorMsg($key, $errorMessage); } break; case 'email': if (is_array($value)) { foreach ($value as $values) { if (CRM_Utils_Array::value('email', $values) && !CRM_Utils_Rule::email($values['email'])) { self::addToErrorMsg($key, $errorMessage); break; } } } break; default: if (is_array($params[$key]) && isset($params[$key]["contact_type"])) { //check for any relationship data ,FIX ME self::isErrorInCoreData($params[$key], $errorMessage); } } } } }
/** * Helper function to validate custom field value * * @params String $fieldName Custom field name (eg: custom_8 ) * @params Mixed $value Field value to be validate * @params Array $fieldDetails Field Details * @params Array $errors Collect validation errors * * @param $fieldName * @param $value * @param $fieldDetails * @param array $errors * * @return Array Validation errors * @todo remove this function - not in use but need to review functionality before * removing as it might be useful in wrapper layer */ function _civicrm_api3_custom_field_validate_field($fieldName, $value, $fieldDetails, &$errors = array()) { return; //see comment block if (!$value) { return $errors; } $dataType = $fieldDetails['data_type']; $htmlType = $fieldDetails['html_type']; switch ($dataType) { case 'Int': if (!CRM_Utils_Rule::integer($value)) { $errors[$fieldName] = 'Invalid integer value for ' . $fieldName; } break; case 'Float': if (!CRM_Utils_Rule::numeric($value)) { $errors[$fieldName] = 'Invalid numeric value for ' . $fieldName; } break; case 'Money': if (!CRM_Utils_Rule::money($value)) { $errors[$fieldName] = 'Invalid numeric value for ' . $fieldName; } break; case 'Link': if (!CRM_Utils_Rule::url($value)) { $errors[$fieldName] = 'Invalid link for ' . $fieldName; } break; case 'Boolean': if ($value != '1' && $value != '0') { $errors[$fieldName] = 'Invalid boolean (use 1 or 0) value for ' . $fieldName; } break; case 'Country': if (empty($value)) { break; } if ($htmlType != 'Multi-Select Country' && is_array($value)) { $errors[$fieldName] = 'Invalid country for ' . $fieldName; break; } if (!is_array($value)) { $value = array($value); } $query = "SELECT count(*) FROM civicrm_country WHERE id IN (" . implode(',', $value) . ")"; if (CRM_Core_DAO::singleValueQuery($query) < count($value)) { $errors[$fieldName] = 'Invalid country(s) for ' . $fieldName; } break; case 'StateProvince': if (empty($value)) { break; } if ($htmlType != 'Multi-Select State/Province' && is_array($value)) { $errors[$fieldName] = 'Invalid State/Province for ' . $fieldName; break; } if (!is_array($value)) { $value = array($value); } $query = "\nSELECT count(*)\n FROM civicrm_state_province\n WHERE id IN ('" . implode("','", $value) . "')"; if (CRM_Core_DAO::singleValueQuery($query) < count($value)) { $errors[$fieldName] = 'Invalid State/Province for ' . $fieldName; } break; case 'ContactReference': //FIX ME break; } if (in_array($htmlType, array('Select', 'Multi-Select', 'CheckBox', 'Radio', 'AdvMulti-Select')) && !isset($errors[$fieldName])) { $options = CRM_Core_OptionGroup::valuesByID($fieldDetails['option_group_id']); if (!is_array($value)) { $value = array($value); } $invalidOptions = array_diff($value, array_keys($options)); if (!empty($invalidOptions)) { $errors[$fieldName] = "Invalid option(s) for field '{$fieldName}': " . implode(',', $invalidOptions); } } return $errors; }
/** * global validation rules for the form * * @param array $fields (referance) posted values of the form * * @return array if errors then list of errors to be posted back to the form, * true otherwise * @static * @access public */ static function formRule($fields, $files, $self) { $default = CRM_Utils_Array::value('default_value', $fields); $errors = array(); //validate field label as well as name. $title = $fields['label']; $name = CRM_Utils_String::munge($title, '_', 64); $gId = $self->_gid; // CRM-7564 $query = 'select count(*) from civicrm_custom_field where ( name like %1 OR label like %2 ) and id != %3 and custom_group_id = %4'; $fldCnt = CRM_Core_DAO::singleValueQuery($query, array(1 => array($name, 'String'), 2 => array($title, 'String'), 3 => array((int) $self->_id, 'Integer'), 4 => array($gId, 'Integer'))); if ($fldCnt) { $errors['label'] = ts('Custom field \'%1\' already exists in Database.', array(1 => $title)); } //checks the given custom field name doesnot start with digit if (!empty($title)) { // gives the ascii value $asciiValue = ord($title[0]); if ($asciiValue >= 48 && $asciiValue <= 57) { $errors['label'] = ts("Field's Name should not start with digit"); } } // ensure that the label is not 'id' if (strtolower($title) == 'id') { $errors['label'] = ts("You cannot use 'id' as a field label."); } if (!isset($fields['data_type'][0]) || !isset($fields['data_type'][1])) { $errors['_qf_default'] = ts('Please enter valid - Data and Input Field Type.'); } $dataType = self::$_dataTypeKeys[$fields['data_type'][0]]; if ($default || $dataType == 'ContactReference') { switch ($dataType) { case 'Int': if (!CRM_Utils_Rule::integer($default)) { $errors['default_value'] = ts('Please enter a valid integer as default value.'); } break; case 'Float': if (!CRM_Utils_Rule::numeric($default)) { $errors['default_value'] = ts('Please enter a valid number as default value.'); } break; case 'Money': if (!CRM_Utils_Rule::money($default)) { $errors['default_value'] = ts('Please enter a valid number value.'); } break; case 'Link': if (!CRM_Utils_Rule::url($default)) { $errors['default_value'] = ts('Please enter a valid link.'); } break; case 'Date': if (!CRM_Utils_Rule::date($default)) { $errors['default_value'] = ts('Please enter a valid date as default value using YYYY-MM-DD format. Example: 2004-12-31.'); } break; case 'Boolean': if ($default != '1' && $default != '0') { $errors['default_value'] = ts('Please enter 1 (for Yes) or 0 (for No) if you want to set a default value.'); } break; case 'Country': if (!empty($default)) { $query = "SELECT count(*) FROM civicrm_country WHERE name = %1 OR iso_code = %1"; $params = array(1 => array($fields['default_value'], 'String')); if (CRM_Core_DAO::singleValueQuery($query, $params) <= 0) { $errors['default_value'] = ts('Invalid default value for country.'); } } break; case 'StateProvince': if (!empty($default)) { $query = "\nSELECT count(*)\n FROM civicrm_state_province\n WHERE name = %1\n OR abbreviation = %1"; $params = array(1 => array($fields['default_value'], 'String')); if (CRM_Core_DAO::singleValueQuery($query, $params) <= 0) { $errors['default_value'] = ts('The invalid default value for State/Province data type'); } } break; case 'ContactReference': if ($fields['filter_selected'] == 'Advance' && CRM_Utils_Array::value('filter', $fields)) { if (strpos($fields['filter'], 'entity=') !== FALSE) { $errors['filter'] = ts("Please do not include entity parameter (entity is always 'contact')"); } elseif (strpos($fields['filter'], 'action=') === FALSE) { $errors['filter'] = ts("Please specify 'action' parameter, it should be 'lookup' or 'get'"); } elseif (strpos($fields['filter'], 'action=get') === FALSE && strpos($fields['filter'], 'action=lookup') === FALSE) { $errors['filter'] = ts("Only 'get' and 'lookup' actions are supported."); } } $self->setDefaults(array('filter_selected', $fields['filter_selected'])); break; } } if (self::$_dataTypeKeys[$fields['data_type'][0]] == 'Date') { if (!$fields['date_format']) { $errors['date_format'] = ts('Please select a date format.'); } } /** Check the option values entered * Appropriate values are required for the selected datatype * Incomplete row checking is also required. */ $_flagOption = $_rowError = 0; $_showHide = new CRM_Core_ShowHideBlocks('', ''); $dataType = self::$_dataTypeKeys[$fields['data_type'][0]]; if (isset($fields['data_type'][1])) { $dataField = $fields['data_type'][1]; } $optionFields = array('Select', 'Multi-Select', 'CheckBox', 'Radio', 'AdvMulti-Select'); if (isset($fields['option_type']) && $fields['option_type'] == 1) { //capture duplicate Custom option values if (!empty($fields['option_value'])) { $countValue = count($fields['option_value']); $uniqueCount = count(array_unique($fields['option_value'])); if ($countValue > $uniqueCount) { $start = 1; while ($start < self::NUM_OPTION) { $nextIndex = $start + 1; while ($nextIndex <= self::NUM_OPTION) { if ($fields['option_value'][$start] == $fields['option_value'][$nextIndex] && !empty($fields['option_value'][$nextIndex])) { $errors['option_value[' . $start . ']'] = ts('Duplicate Option values'); $errors['option_value[' . $nextIndex . ']'] = ts('Duplicate Option values'); $_flagOption = 1; } $nextIndex++; } $start++; } } } //capture duplicate Custom Option label if (!empty($fields['option_label'])) { $countValue = count($fields['option_label']); $uniqueCount = count(array_unique($fields['option_label'])); if ($countValue > $uniqueCount) { $start = 1; while ($start < self::NUM_OPTION) { $nextIndex = $start + 1; while ($nextIndex <= self::NUM_OPTION) { if ($fields['option_label'][$start] == $fields['option_label'][$nextIndex] && !empty($fields['option_label'][$nextIndex])) { $errors['option_label[' . $start . ']'] = ts('Duplicate Option label'); $errors['option_label[' . $nextIndex . ']'] = ts('Duplicate Option label'); $_flagOption = 1; } $nextIndex++; } $start++; } } } for ($i = 1; $i <= self::NUM_OPTION; $i++) { if (!$fields['option_label'][$i]) { if ($fields['option_value'][$i]) { $errors['option_label[' . $i . ']'] = ts('Option label cannot be empty'); $_flagOption = 1; } else { $_emptyRow = 1; } } else { if (!strlen(trim($fields['option_value'][$i]))) { if (!$fields['option_value'][$i]) { $errors['option_value[' . $i . ']'] = ts('Option value cannot be empty'); $_flagOption = 1; } } } if ($fields['option_value'][$i] && $dataType != 'String') { if ($dataType == 'Int') { if (!CRM_Utils_Rule::integer($fields['option_value'][$i])) { $_flagOption = 1; $errors['option_value[' . $i . ']'] = ts('Please enter a valid integer.'); } } elseif ($dataType == 'Money') { if (!CRM_Utils_Rule::money($fields['option_value'][$i])) { $_flagOption = 1; $errors['option_value[' . $i . ']'] = ts('Please enter a valid money value.'); } } else { if (!CRM_Utils_Rule::numeric($fields['option_value'][$i])) { $_flagOption = 1; $errors['option_value[' . $i . ']'] = ts('Please enter a valid number.'); } } } $showBlocks = 'optionField_' . $i; if ($_flagOption) { $_showHide->addShow($showBlocks); $_rowError = 1; } if (!empty($_emptyRow)) { $_showHide->addHide($showBlocks); } else { $_showHide->addShow($showBlocks); } if ($i == self::NUM_OPTION) { $hideBlock = 'additionalOption'; $_showHide->addHide($hideBlock); } $_flagOption = $_emptyRow = 0; } } elseif (isset($dataField) && in_array($dataField, $optionFields) && !in_array($dataType, array('Boolean', 'Country', 'StateProvince'))) { if (!$fields['option_group_id']) { $errors['option_group_id'] = ts('You must select a Multiple Choice Option set if you chose Reuse an existing set.'); } else { $query = "\nSELECT count(*)\nFROM civicrm_custom_field\nWHERE data_type != %1\nAND option_group_id = %2"; $params = array(1 => array(self::$_dataTypeKeys[$fields['data_type'][0]], 'String'), 2 => array($fields['option_group_id'], 'Integer')); $count = CRM_Core_DAO::singleValueQuery($query, $params); if ($count > 0) { $errors['option_group_id'] = ts('The data type of the multiple choice option set you\'ve selected does not match the data type assigned to this field.'); } } } $assignError = new CRM_Core_Page(); if ($_rowError) { $_showHide->addToTemplate(); $assignError->assign('optionRowError', $_rowError); } else { if (isset($fields['data_type'][1])) { switch (self::$_dataToHTML[$fields['data_type'][0]][$fields['data_type'][1]]) { case 'Radio': $_fieldError = 1; $assignError->assign('fieldError', $_fieldError); break; case 'Checkbox': $_fieldError = 1; $assignError->assign('fieldError', $_fieldError); break; case 'Select': $_fieldError = 1; $assignError->assign('fieldError', $_fieldError); break; default: $_fieldError = 0; $assignError->assign('fieldError', $_fieldError); } } for ($idx = 1; $idx <= self::NUM_OPTION; $idx++) { $showBlocks = 'optionField_' . $idx; if (!empty($fields['option_label'][$idx])) { $_showHide->addShow($showBlocks); } else { $_showHide->addHide($showBlocks); } } $_showHide->addToTemplate(); } // we can not set require and view at the same time. if (CRM_Utils_Array::value('is_required', $fields) && CRM_Utils_Array::value('is_view', $fields)) { $errors['is_view'] = ts('Can not set this field Required and View Only at the same time.'); } return empty($errors) ? TRUE : $errors; }
/** * Validate a value against a CustomField type. * * @param string $type * The type of the data. * @param string $value * The data to be validated. * * @return bool * True if the value is of the specified type */ public static function typecheck($type, $value) { switch ($type) { case 'Memo': return TRUE; case 'String': return CRM_Utils_Rule::string($value); case 'Int': return CRM_Utils_Rule::integer($value); case 'Float': case 'Money': return CRM_Utils_Rule::numeric($value); case 'Date': if (is_numeric($value)) { return CRM_Utils_Rule::dateTime($value); } else { return CRM_Utils_Rule::date($value); } case 'Boolean': return CRM_Utils_Rule::boolean($value); case 'ContactReference': return CRM_Utils_Rule::validContact($value); case 'StateProvince': //fix for multi select state, CRM-3437 $valid = FALSE; $mulValues = explode(',', $value); foreach ($mulValues as $key => $state) { $valid = array_key_exists(strtolower(trim($state)), array_change_key_case(array_flip(CRM_Core_PseudoConstant::stateProvinceAbbreviation()), CASE_LOWER)) || array_key_exists(strtolower(trim($state)), array_change_key_case(array_flip(CRM_Core_PseudoConstant::stateProvince()), CASE_LOWER)); if (!$valid) { break; } } return $valid; case 'Country': //fix multi select country, CRM-3437 $valid = FALSE; $mulValues = explode(',', $value); foreach ($mulValues as $key => $country) { $valid = array_key_exists(strtolower(trim($country)), array_change_key_case(array_flip(CRM_Core_PseudoConstant::countryIsoCode()), CASE_LOWER)) || array_key_exists(strtolower(trim($country)), array_change_key_case(array_flip(CRM_Core_PseudoConstant::country()), CASE_LOWER)); if (!$valid) { break; } } return $valid; case 'Link': return CRM_Utils_Rule::url($value); } return FALSE; }
/** * Verify that a variable is of a given type, and apply a bit of processing. * * @param mixed $data * The value to be verified/escaped. * @param string $type * The type to verify against. * @param bool $abort * If TRUE, the operation will CRM_Core_Error::fatal() on invalid data. * * @return mixed * The data, escaped if necessary. */ public static function escape($data, $type, $abort = TRUE) { switch ($type) { case 'Integer': case 'Int': if (CRM_Utils_Rule::integer($data)) { return (int) $data; } break; case 'Positive': // CRM-8925 the 3 below are for custom fields of this type // CRM-8925 the 3 below are for custom fields of this type case 'Country': case 'StateProvince': // Checked for multi valued state/country value if (is_array($data)) { $returnData = TRUE; // @todo Reuse of the $data variable = asking for trouble. // @todo This code will always return the last item in the array. Intended? foreach ($data as $data) { if (CRM_Utils_Rule::positiveInteger($data) || CRM_Core_DAO::escapeString($data)) { $returnData = TRUE; } else { $returnData = FALSE; } } if ($returnData) { return $data; } } elseif (!is_numeric($data) && CRM_Core_DAO::escapeString($data)) { return $data; } elseif (CRM_Utils_Rule::positiveInteger($data)) { return $data; } break; case 'File': if (CRM_Utils_Rule::positiveInteger($data)) { return $data; } break; case 'Link': if (CRM_Utils_Rule::url($data = trim($data))) { return $data; } break; case 'Boolean': if (CRM_Utils_Rule::boolean($data)) { return $data; } break; case 'Float': case 'Money': if (CRM_Utils_Rule::numeric($data)) { return $data; } break; case 'String': case 'Memo': case 'Text': return CRM_Core_DAO::escapeString($data); case 'Date': case 'Timestamp': // a null date or timestamp is valid if (strlen(trim($data)) == 0) { return trim($data); } if ((preg_match('/^\\d{8}$/', $data) || preg_match('/^\\d{14}$/', $data)) && CRM_Utils_Rule::mysqlDate($data)) { return $data; } break; case 'ContactReference': if (strlen(trim($data)) == 0) { return trim($data); } if (CRM_Utils_Rule::validContact($data)) { return $data; } break; default: CRM_Core_Error::fatal($type . " is not a recognised (camel cased) data type."); break; } // @todo Use exceptions instead of CRM_Core_Error::fatal(). if ($abort) { $data = htmlentities($data); CRM_Core_Error::fatal("{$data} is not of the type {$type}"); } return NULL; }
/** * Verify that a variable is of a given type, and apply a bit of processing. * * @param mixed $data * The value to be verified/escaped. * @param string $type * The type to verify against. * @param bool $abort * If TRUE, the operation will CRM_Core_Error::fatal() on invalid data. * * @return mixed * The data, escaped if necessary. */ public static function escape($data, $type, $abort = TRUE) { switch ($type) { case 'Integer': case 'Int': if (CRM_Utils_Rule::integer($data)) { return (int) $data; } break; case 'Positive': if (CRM_Utils_Rule::positiveInteger($data)) { return (int) $data; } break; // CRM-8925 for custom fields of this type // CRM-8925 for custom fields of this type case 'Country': case 'StateProvince': // Handle multivalued data in delimited or array format if (is_array($data) || strpos($data, CRM_Core_DAO::VALUE_SEPARATOR) !== FALSE) { $valid = TRUE; foreach (CRM_Utils_Array::explodePadded($data) as $item) { if (!CRM_Utils_Rule::positiveInteger($item)) { $valid = FALSE; } } if ($valid) { return $data; } } elseif (CRM_Utils_Rule::positiveInteger($data)) { return (int) $data; } break; case 'File': if (CRM_Utils_Rule::positiveInteger($data)) { return (int) $data; } break; case 'Link': if (CRM_Utils_Rule::url($data = trim($data))) { return $data; } break; case 'Boolean': if (CRM_Utils_Rule::boolean($data)) { return $data; } break; case 'Float': case 'Money': if (CRM_Utils_Rule::numeric($data)) { return $data; } break; case 'String': case 'Memo': case 'Text': return CRM_Core_DAO::escapeString($data); case 'Date': case 'Timestamp': // a null date or timestamp is valid if (strlen(trim($data)) == 0) { return trim($data); } if ((preg_match('/^\\d{8}$/', $data) || preg_match('/^\\d{14}$/', $data)) && CRM_Utils_Rule::mysqlDate($data)) { return $data; } break; case 'ContactReference': if (strlen(trim($data)) == 0) { return trim($data); } if (CRM_Utils_Rule::validContact($data)) { return (int) $data; } break; case 'MysqlColumnNameOrAlias': if (CRM_Utils_Rule::mysqlColumnNameOrAlias($data)) { $data = str_replace('`', '', $data); $parts = explode('.', $data); $data = '`' . implode('`.`', $parts) . '`'; return $data; } break; case 'MysqlOrderByDirection': if (CRM_Utils_Rule::mysqlOrderByDirection($data)) { return strtolower($data); } break; case 'MysqlOrderBy': if (CRM_Utils_Rule::mysqlOrderBy($data)) { $parts = explode(',', $data); foreach ($parts as &$part) { $part = preg_replace_callback('/^(?:(?:((?:`[\\w-]{1,64}`|[\\w-]{1,64}))(?:\\.))?(`[\\w-]{1,64}`|[\\w-]{1,64})(?: (asc|desc))?)$/i', array('CRM_Utils_Type', 'mysqlOrderByCallback'), trim($part)); } return implode(', ', $parts); } break; default: CRM_Core_Error::fatal($type . " is not a recognised (camel cased) data type."); break; } // @todo Use exceptions instead of CRM_Core_Error::fatal(). if ($abort) { $data = htmlentities($data); CRM_Core_Error::fatal("{$data} is not of the type {$type}"); } return NULL; }
/** * Verify that a variable is of a given type, and apply a bit of processing. * * @param mixed $data * The value to be verified/escaped. * @param string $type * The type to verify against. * @param bool $abort * If TRUE, the operation will CRM_Core_Error::fatal() on invalid data. * * @return mixed * The data, escaped if necessary. */ public static function escape($data, $type, $abort = TRUE) { switch ($type) { case 'Integer': case 'Int': if (CRM_Utils_Rule::integer($data)) { return (int) $data; } break; case 'Positive': if (CRM_Utils_Rule::positiveInteger($data)) { return (int) $data; } break; // CRM-8925 for custom fields of this type // CRM-8925 for custom fields of this type case 'Country': case 'StateProvince': // Handle multivalued data in delimited or array format if (is_array($data) || strpos($data, CRM_Core_DAO::VALUE_SEPARATOR) !== FALSE) { $valid = TRUE; foreach (CRM_Utils_Array::explodePadded($data) as $item) { if (!CRM_Utils_Rule::positiveInteger($item)) { $valid = FALSE; } } if ($valid) { return $data; } } elseif (CRM_Utils_Rule::positiveInteger($data)) { return (int) $data; } break; case 'File': if (CRM_Utils_Rule::positiveInteger($data)) { return (int) $data; } break; case 'Link': if (CRM_Utils_Rule::url($data = trim($data))) { return $data; } break; case 'Boolean': if (CRM_Utils_Rule::boolean($data)) { return $data; } break; case 'Float': case 'Money': if (CRM_Utils_Rule::numeric($data)) { return $data; } break; case 'String': case 'Memo': case 'Text': return CRM_Core_DAO::escapeString($data); case 'Date': case 'Timestamp': // a null date or timestamp is valid if (strlen(trim($data)) == 0) { return trim($data); } if ((preg_match('/^\\d{8}$/', $data) || preg_match('/^\\d{14}$/', $data)) && CRM_Utils_Rule::mysqlDate($data)) { return $data; } break; case 'ContactReference': if (strlen(trim($data)) == 0) { return trim($data); } if (CRM_Utils_Rule::validContact($data)) { return (int) $data; } break; default: CRM_Core_Error::fatal($type . " is not a recognised (camel cased) data type."); break; } // @todo Use exceptions instead of CRM_Core_Error::fatal(). if ($abort) { $data = htmlentities($data); CRM_Core_Error::fatal("{$data} is not of the type {$type}"); } return NULL; }
/** * Synchronize the object with the UF Match entry. Can be called stand-alone from * the drupalUsers script * * @param Object $user the drupal user object * @param string $userKey the id of the user from the uf object * @param string $uniqId the OpenID of the user * @param string $uf the name of the user framework * @param integer $status returns the status if user created or already exits (used for CMS sync) * * @return the ufmatch object that was found or created * @access public * @static */ static function &synchronizeUFMatch(&$user, $userKey, $uniqId, $uf, $status = null, $ctype = null, $isLogin = false) { // validate that uniqId is a valid url. it will either be // an OpenID (which should always be a valid url) or a // http://uf_username/ construction (so that it can // be used as an OpenID in the future) require_once 'CRM/Utils/Rule.php'; if ($uf == 'Standalone') { if (!CRM_Utils_Rule::url($uniqId)) { return $status ? null : false; } } else { if (!CRM_Utils_Rule::email($uniqId)) { return $status ? null : false; } } $newContact = false; // make sure that a contact id exists for this user id $ufmatch =& new CRM_Core_DAO_UFMatch(); if (CRM_Core_DAO::checkFieldExists('civicrm_uf_match', 'domain_id')) { // FIXME: if() condition check was required especially for upgrade cases (2.2.x -> 3.0.x), // where folks if happen to logout, would encounter a column not found fatal error $ufmatch->domain_id = CRM_Core_Config::domainID(); } $ufmatch->uf_id = $userKey; if (!$ufmatch->find(true)) { require_once 'CRM/Core/Transaction.php'; $transaction = new CRM_Core_Transaction(); if (!empty($_POST) && !$isLogin) { $params = $_POST; $params['email'] = $uniqId; require_once 'CRM/Dedupe/Finder.php'; $dedupeParams = CRM_Dedupe_Finder::formatParams($params, 'Individual'); $ids = CRM_Dedupe_Finder::dupesByParams($dedupeParams, 'Individual'); if (!empty($ids) && defined('CIVICRM_UNIQ_EMAIL_PER_SITE') && CIVICRM_UNIQ_EMAIL_PER_SITE) { // restrict dupeIds to ones that belong to current domain/site. require_once 'CRM/Core/BAO/Domain.php'; $siteContacts = CRM_Core_BAO_Domain::getContactList(); foreach ($ids as $index => $dupeId) { if (!in_array($dupeId, $siteContacts)) { unset($ids[$index]); } } $ids = array_values($ids); //re-index the array } if (!empty($ids)) { $dao = new CRM_Core_DAO(); $dao->contact_id = $ids[0]; } } else { require_once 'CRM/Contact/BAO/Contact.php'; if ($uf == 'Standalone') { $dao =& CRM_Contact_BAO_Contact::matchContactOnOpenId($uniqId, $ctype); } else { $dao =& CRM_Contact_BAO_Contact::matchContactOnEmail($uniqId, $ctype); } } if ($dao) { //print "Found contact with uniqId $uniqId<br/>"; $ufmatch->contact_id = $dao->contact_id; $ufmatch->uf_name = $uniqId; } else { if ($uf == 'Drupal') { $mail = 'mail'; } else { $mail = 'email'; } if (is_Object($user)) { $params = array('email-Primary' => $user->{$mail}); } if ($ctype == 'Organization') { $params['organization_name'] = $uniqId; } else { if ($ctype == 'Household') { $params['household_name'] = $uniqId; } } if (!$ctype) { $ctype = "Individual"; } $params['contact_type'] = $ctype; // extract first / middle / last name // for joomla if ($uf == 'Joomla' && $user->name) { require_once 'CRM/Utils/String.php'; CRM_Utils_String::extractName($user->name, $params); } if ($uf == 'Standalone') { $params['openid-Primary'] = $uniqId; //need to delete below code once profile is //exposed on signup page if (!empty($user->first_name) || !empty($user->last_name)) { $params['first_name'] = $user->first_name; $params['last_name'] = $user->last_name; } elseif (!empty($user->name)) { require_once 'CRM/Utils/String.php'; CRM_Utils_String::extractName($user->name, $params); } } $contactId = CRM_Contact_BAO_Contact::createProfileContact($params, CRM_Core_DAO::$_nullArray); $ufmatch->contact_id = $contactId; $ufmatch->uf_name = $uniqId; } // check that there are not two CMS IDs matching the same CiviCRM contact - this happens when a civicrm // user has two e-mails and there is a cms match for each of them // the gets rid of the nasty fata error but still reports the error $sql = "\nSELECT uf_id\nFROM civicrm_uf_match\nWHERE ( contact_id = %1\nOR uf_name = %2\nOR uf_id = %3 )\nAND domain_id = %4\n"; $params = array(1 => array($ufmatch->contact_id, 'Integer'), 2 => array($ufmatch->uf_name, 'String'), 3 => array($ufmatch->uf_id, 'Integer'), 4 => array($ufmatch->domain_id, 'Integer')); require_once 'CRM/Core/DAO.php'; $conflict = CRM_Core_DAO::singleValueQuery($sql, $params); if (!$conflict) { $ufmatch->save(); $ufmatch->free(); $newContact = true; $transaction->commit(); } else { $msg = ts("Contact ID %1 is a match for %2 user %3 but has already been matched to %4", array(1 => $ufmatch->contact_id, 2 => $uf, 3 => $ufmatch->uf_id, 4 => $conflict)); unset($conflict); } } if ($status) { return $newContact; } else { return $ufmatch; } }
/** * Synchronize the object with the UF Match entry. Can be called stand-alone from * the drupalUsers script * * @param Object $user the drupal user object * @param string $userKey the id of the user from the uf object * @param string $uniqId the OpenID of the user * @param string $uf the name of the user framework * @param integer $status returns the status if user created or already exits (used for CMS sync) * * @return the ufmatch object that was found or created * @access public * @static */ static function &synchronizeUFMatch(&$user, $userKey, $uniqId, $uf, $status = null, $ctype = null) { // validate that uniqId is a valid url. it will either be // an OpenID (which should always be a valid url) or a // http://uf_username/ construction (so that it can // be used as an OpenID in the future) require_once 'CRM/Utils/Rule.php'; if ($uf == 'Standalone') { if (!CRM_Utils_Rule::url($uniqId)) { return $status ? null : false; } } else { if (!CRM_Utils_Rule::email($uniqId)) { return $status ? null : false; } } $newContact = false; // make sure that a contact id exists for this user id $ufmatch =& new CRM_Core_DAO_UFMatch(); if (CRM_Core_DAO::checkFieldExists('civicrm_uf_match', 'domain_id')) { // FIXME: if() condition check was required especially for upgrade cases (2.2.x -> 3.0.x), // where folks if happen to logout, would encounter a column not found fatal error $ufmatch->domain_id = CRM_Core_Config::domainID(); } $ufmatch->uf_id = $userKey; if (!$ufmatch->find(true)) { require_once 'CRM/Core/Transaction.php'; $transaction = new CRM_Core_Transaction(); if (!empty($_POST)) { $params = $_POST; $params['email'] = $uniqId; require_once 'CRM/Dedupe/Finder.php'; $dedupeParams = CRM_Dedupe_Finder::formatParams($params, 'Individual'); $ids = CRM_Dedupe_Finder::dupesByParams($dedupeParams, 'Individual'); if (!empty($ids)) { $dao = new CRM_Core_DAO(); $dao->contact_id = $ids[0]; } } else { require_once 'CRM/Contact/BAO/Contact.php'; if ($uf == 'Standalone') { $dao =& CRM_Contact_BAO_Contact::matchContactOnOpenId($uniqId, $ctype); } else { $dao =& CRM_Contact_BAO_Contact::matchContactOnEmail($uniqId, $ctype); } } if ($dao) { //print "Found contact with uniqId $uniqId<br/>"; $ufmatch->contact_id = $dao->contact_id; $ufmatch->uf_name = $uniqId; } else { if ($uf == 'Drupal') { $mail = 'mail'; } else { $mail = 'email'; } if (is_Object($user)) { $params = array('email-Primary' => $user->{$mail}); } if ($ctype == 'Organization') { $params['organization_name'] = $uniqId; } else { if ($ctype == 'Household') { $params['household_name'] = $uniqId; } } if (!$ctype) { $ctype = "Individual"; } $params['contact_type'] = $ctype; // extract first / middle / last name // for joomla if ($uf == 'Joomla' && $user->name) { require_once 'CRM/Utils/String.php'; CRM_Utils_String::extractName($user->name, $params); } if ($uf == 'Standalone') { $params['openid-Primary'] = $uniqId; //need to delete below code once profile is //exposed on signup page if (!empty($user->first_name) || !empty($user->last_name)) { $params['first_name'] = $user->first_name; $params['last_name'] = $user->last_name; } elseif (!empty($user->name)) { require_once 'CRM/Utils/String.php'; CRM_Utils_String::extractName($user->name, $params); } } $contactId = CRM_Contact_BAO_Contact::createProfileContact($params, CRM_Core_DAO::$_nullArray); $ufmatch->contact_id = $contactId; $ufmatch->uf_name = $uniqId; } $ufmatch->save(); $ufmatch->free(); $newContact = true; $transaction->commit(); } if ($status) { return $newContact; } else { return $ufmatch; } }
/** * Verify that a variable is of a given type * * @param mixed $data The variable * @param string $type The type * @param boolean $abort Should we abort if invalid * * @return mixed The data, escaped if necessary * @access public * @static */ public static function escape($data, $type, $abort = TRUE) { switch ($type) { case 'Integer': case 'Int': if (CRM_Utils_Rule::integer($data)) { return $data; } break; case 'Positive': // the below 2 are for custom fields of this type // CRM-8925 // the below 2 are for custom fields of this type // CRM-8925 case 'Country': case 'StateProvince': if (CRM_Utils_Rule::positiveInteger($data)) { return $data; } break; case 'Link': if (CRM_Utils_Rule::url($data = trim($data))) { return $data; } break; case 'Boolean': if (CRM_Utils_Rule::boolean($data)) { return $data; } break; case 'Float': case 'Money': if (CRM_Utils_Rule::numeric($data)) { return $data; } break; case 'String': case 'Memo': return CRM_Core_DAO::escapeString($data); case 'Date': case 'Timestamp': // a null date or timestamp is valid if (strlen(trim($data)) == 0) { return trim($data); } if ((preg_match('/^\\d{8}$/', $data) || preg_match('/^\\d{14}$/', $data)) && CRM_Utils_Rule::mysqlDate($data)) { return $data; } break; case 'ContactReference': if (strlen(trim($data)) == 0) { return trim($data); } if (CRM_Utils_Rule::validContact($data)) { return $data; } break; default: CRM_Core_Error::fatal("Cannot recognize {$type} for {$data}"); break; } if ($abort) { $data = htmlentities($data); CRM_Core_Error::fatal("{$data} is not of the type {$type}"); } return NULL; }