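/**
 * Create a member account from a data array.
 *
 * The array must contain the configured unique identifier field and a
 * password. The returned member is populated and validated, but it has not
 * been written to the database.
 *
 * Security notes:
 *  - Values are handed to the Member record as submitted. SQL escaping
 *    belongs to the layer that writes the record (the ORM is expected to
 *    escape or bind values on write). Escaping the whole array here would
 *    store altered values and would change a password containing quote
 *    characters before it is stored.
 *  - NOTE(review): every key in $data is copied onto the new Member. Confirm
 *    that callers pass only the fields a visitor is allowed to set, not the
 *    raw request array.
 *
 * @throws ValidationException when member creation is disabled, the
 *         identifier or password is missing, the identifier is already
 *         taken, or the new member fails its own validation
 * @param array $data map of member field names to values
 * @return Member new member (not saved to db); failures are reported by
 *         exception, never by a false return
 */
public function create($data)
{
    $result = new ValidationResult();

    if (!Checkout::member_creation_enabled()) {
        $result->error(_t("Checkout.MEMBERSHIPSNOTALLOWED", "Creating new memberships is not allowed"));
        throw new ValidationException($result);
    }

    $idfield = Config::inst()->get('Member', 'unique_identifier_field');

    // empty() is also true for a missing key, so no separate isset() is needed.
    if (empty($data[$idfield])) {
        $result->error(sprintf(_t("Checkout.IDFIELDNOTFOUND", "Required field not found: %s"), $idfield));
        throw new ValidationException($result);
    }

    if (empty($data['Password'])) {
        $result->error(_t("Checkout.PASSWORDREQUIRED", "A password is required"));
        throw new ValidationException($result);
    }

    $idval = $data[$idfield];
    if (ShopMember::get_by_identifier($idval)) {
        $result->error(sprintf(_t("Checkout.MEMBEREXISTS", "A member already exists with the %s %s"), _t("Member." . $idfield, $idfield), $idval));
        throw new ValidationException($result);
    }

    // Pass the values through unmodified; see the security notes above.
    $member = new Member($data);

    $validation = $member->validate();
    if (!$validation->valid()) {
        //TODO need to handle i18n here?
        $result->error($validation->message());
    }

    if (!$result->valid()) {
        throw new ValidationException($result);
    }

    return $member;
}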
/**
 * Check that the tag has a value in its title field and that no other tag of
 * the same class already uses that value (compared in lower case).
 *
 * The field to check defaults to "Title" and can be overridden per class
 * through the FusionService "custom_tag_types" configuration.
 *
 * The field name is interpolated into the SQL filter as a column name, while
 * the compared value is passed separately against the "?" placeholder. The
 * column name comes from configuration, not from the record being validated.
 *
 * @param ValidationResult $result result collected so far
 * @return ValidationResult the same result, possibly with an error added
 */
public function validate(ValidationResult $result)
{
    $owner = $this->owner;
    $class = $owner->ClassName;

    // Pick the configured field for this tag class, falling back to the title.
    $validate = 'Title';
    $tagTypes = Config::inst()->get('FusionService', 'custom_tag_types');
    foreach ($tagTypes as $type => $field) {
        if ($type === $class) {
            $validate = $field;
        }
    }

    // A missing value is reported first; the duplicate lookup only runs otherwise.
    if ($result->valid() && !$owner->{$validate}) {
        $result->error("\"{$validate}\" required!");
    } elseif (
        $result->valid()
        && $class::get_one($class, array(
            'ID != ?' => $owner->ID,
            "LOWER({$validate}) = ?" => strtolower($owner->{$validate})
        ))
    ) {
        $result->error('Tag already exists!');
    }

    // Give other extensions the chance to add their own checks.
    $owner->extend('validateFusionExtension', $result);

    return $result;
}
/**
 * Combining a valid result with two failed ones must yield a failed result
 * that carries both messages, keyed by their error codes.
 */
public function testCombineResults()
{
    $result = new ValidationResult();

    $anotherresult = new ValidationResult();
    $anotherresult->error("Eat with your mouth closed", "EATING101");

    $yetanotherresult = new ValidationResult();
    $yetanotherresult->error("You didn't wash your hands", "BECLEAN");

    // Starting state: only the untouched result is valid.
    $this->assertTrue($result->valid());
    $this->assertFalse($anotherresult->valid());
    $this->assertFalse($yetanotherresult->valid());

    // combineAnd() is chained, so it has to return the combined result.
    $result->combineAnd($anotherresult)->combineAnd($yetanotherresult);

    $expectedMessages = array(
        "EATING101" => "Eat with your mouth closed",
        "BECLEAN" => "You didn't wash your hands"
    );
    $this->assertFalse($result->valid());
    $this->assertEquals($expectedMessages, $result->messageList());
}
/**
 * Require a title, a release and a curator on the owning record.
 *
 * Checks stop at the first failure. A result that is already invalid is
 * handed back untouched.
 *
 * @param ValidationResult $valid result collected so far
 * @return mixed $valid when nothing new failed, otherwise whatever
 *         ValidationResult::error() returns for the first failed check
 */
public function validate(ValidationResult $valid)
{
    if ($valid->valid()) {
        $record = $this->owner;

        if (empty($record->Title)) {
            return $valid->error('Title is empty!');
        }

        // Relation IDs that cast to 0 mean "nothing selected".
        if ((int) $record->ReleaseID === 0) {
            return $valid->error('You must select a release');
        }

        if ((int) $record->CuratorID === 0) {
            return $valid->error('You must select a Curator');
        }
    }

    return $valid;
}
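/**
 * Validate the membership part of submitted checkout data.
 *
 * Nothing is checked when a member is already logged in. Otherwise, when
 * membership is required or a password was supplied, the identifier must not
 * belong to an existing member and the password must pass the configured
 * password validator.
 *
 * Security notes:
 *  - The "member already exists" message tells an anonymous visitor whether
 *    an identifier is registered. NOTE(review): confirm this endpoint is
 *    rate limited or otherwise protected against bulk probing.
 *  - NOTE(review): the temporary Member is built from the whole $data array;
 *    it is only handed to the password validator here, but confirm the
 *    validator does not trust fields such as an ID taken from $data.
 *  - NOTE(review): the "exists" error passes the identifier value as the
 *    second argument to error(), while the password error passes the name
 *    "Password"; confirm which of the two the caller expects.
 *
 * @param Order $order order being checked out (not read by this method)
 * @param array $data submitted checkout data
 * @throws ValidationException when the identifier is taken or the password
 *         is rejected
 * @return void
 */
public function validateData(Order $order, array $data)
{
    if (Member::currentUserID()) {
        return;
    }

    $result = new ValidationResult();

    if (Checkout::membership_required() || !empty($data['Password'])) {
        $member = new Member($data);
        $idfield = Member::config()->unique_identifier_field;

        // Membership can be required while the submission lacks these keys;
        // read them defensively so a missing key becomes null instead of an
        // undefined-index error.
        $idval = isset($data[$idfield]) ? $data[$idfield] : null;
        $password = isset($data['Password']) ? $data['Password'] : null;

        // NOTE(review): a missing identifier reaches the lookup as null;
        // confirm get_by_identifier() treats that as "no match".
        if (ShopMember::get_by_identifier($idval)) {
            $result->error(sprintf(_t("Checkout.MEMBEREXISTS", "A member already exists with the %s %s"), $idfield, $idval), $idval);
        }

        $passwordresult = $this->passwordvalidator->validate($password, $member);
        if (!$passwordresult->valid()) {
            $result->error($passwordresult->message(), "Password");
        }
    }

    if (!$result->valid()) {
        throw new ValidationException($result);
    }
}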
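/**
 * Authenticate a member from submitted login data.
 *
 * Flow: reject unusable identifiers, try the default admin credentials, then
 * look the member up by the unique identifier field and check the password.
 * Optionally record the attempt, migrate a legacy password hash, and store a
 * failure message on the form.
 *
 * Security notes:
 *  - The identifier is checked for an array value before anything else. An
 *    array would otherwise reach Convert::raw2sql() and be interpolated into
 *    the SQL filter, and the old check only ran when login recording was on.
 *  - $SQL_user is escaped with Convert::raw2sql() and placed inside single
 *    quotes in a string-built filter. NOTE(review): switch to a parameterised
 *    filter if the ORM version in use supports one.
 *  - The 'authenticationFailedUnknownUser' hook receives $RAW_data, which
 *    still holds the submitted password; extensions must not log it.
 *
 * @param array $RAW_data Raw (unescaped) login data; 'Email' and 'Password'
 *                        are read
 * @param Form $form Optional: If passed, the failure message is stored with
 *                   {@link Form::sessionMessage()}
 * @return bool|Member A falsy value if authentication fails, otherwise the
 *                     member object
 * @see Security::setDefaultAdmin()
 */
public static function authenticate($RAW_data, Form $form = null)
{
    if (!array_key_exists('Email', $RAW_data) || !$RAW_data['Email']) {
        return false;
    }

    // Only a scalar identifier may go any further. The logged text is the
    // same as before ("... Array") but is written as a literal, so the
    // submitted value is never converted to a string or copied into the log.
    if (is_array($RAW_data['Email'])) {
        user_error('Bad email passed to MemberAuthenticator::authenticate(): Array', E_USER_WARNING);
        return false;
    }

    $SQL_user = Convert::raw2sql($RAW_data['Email']);

    // A submission without a password is treated as a null password instead
    // of triggering an undefined-index error further down.
    $password = isset($RAW_data['Password']) ? $RAW_data['Password'] : null;

    $result = null;

    // Default login (see Security::setDefaultAdmin())
    if (Security::check_default_admin($RAW_data['Email'], $password)) {
        $member = Security::findAnAdministrator();
    } else {
        // Members without a stored password can never match.
        $member = DataObject::get_one(
            "Member",
            "\"" . Member::get_unique_identifier_field() . "\" = '{$SQL_user}' AND \"Password\" IS NOT NULL"
        );

        if ($member) {
            $result = $member->checkPassword($password);
        } else {
            $result = new ValidationResult(false, _t('Member.ERRORWRONGCRED'));
        }

        if ($member && !$result->valid()) {
            $member->registerFailedLogin();
            $member = false;
        }
    }

    // Optionally record every login attempt as a {@link LoginAttempt} object
    /**
     * TODO We could handle this with an extension
     */
    if (Security::login_recording()) {
        $attempt = new LoginAttempt();

        if ($member) {
            // successful login (member is existing with matching password)
            $attempt->MemberID = $member->ID;
            $attempt->Status = 'Success';

            // Audit logging hook
            $member->extend('authenticated');
        } else {
            // failed login - we're trying to see if a user exists with this
            // email (disregarding wrong passwords)
            $existingMember = DataObject::get_one(
                "Member",
                "\"" . Member::get_unique_identifier_field() . "\" = '{$SQL_user}'"
            );

            if ($existingMember) {
                $attempt->MemberID = $existingMember->ID;

                // Audit logging hook
                $existingMember->extend('authenticationFailed');
            } else {
                // Audit logging hook; $RAW_data includes the submitted password.
                singleton('Member')->extend('authenticationFailedUnknownUser', $RAW_data);
            }

            $attempt->Status = 'Failure';
        }

        $attempt->Email = $RAW_data['Email'];
        $attempt->IP = Controller::curr()->getRequest()->getIP();
        $attempt->write();
    }

    // Legacy migration to precision-safe password hashes.
    // A login-event with cleartext passwords is the only time
    // when we can rehash passwords to a different hashing algorithm,
    // bulk-migration doesn't work due to the nature of hashing.
    // See PasswordEncryptor_LegacyPHPHash class.
    // NOTE(review): the cleartext password is assigned to the member and
    // written; presumably Member hashes it on write - confirm.
    if (
        $member
        && self::$migrate_legacy_hashes
        && array_key_exists($member->PasswordEncryption, self::$migrate_legacy_hashes)
    ) {
        $member->Password = $password;
        $member->PasswordEncryption = self::$migrate_legacy_hashes[$member->PasswordEncryption];
        $member->write();
    }

    if ($member) {
        Session::clear('BackURL');
    } elseif ($form && $result) {
        $form->sessionMessage($result->message(), 'bad');
    }

    return $member;
}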
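/**
 * Combine this ValidationResult with the ValidationResult given in $other.
 * The combined result is valid only if both this and the other result are
 * valid. This object is modified to contain the new validation information.
 *
 * Messages are joined with array_merge(): entries with the same string code
 * are overwritten by the one from $other, numerically keyed entries are
 * appended.
 *
 * @param ValidationResult $other result to fold into this one
 * @return ValidationResult this object, so that calls can be chained
 */
public function combineAnd(ValidationResult $other)
{
    $this->isValid = $this->isValid && $other->valid();
    $this->errorList = array_merge($this->errorList, $other->messageList());

    // Returning the object allows chaining; callers that ignore the return
    // value are unaffected.
    return $this;
}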
/**
 * Validate the form's fields and its identifier.
 *
 * Field checks stop at the first problem found: a blank name, a name used
 * twice, or a default value that is not among the field's option values.
 * The identifier check runs after the field loop either way. Nothing is
 * checked when $result is already invalid.
 *
 * @param ValidationResult $result result collected so far; errors are added
 *        to it in place
 * @return void
 */
public function validate(ValidationResult $result)
{
    if (!$result->valid()) {
        return;
    }

    $seenNames = array();

    foreach ($this->owner->FlexiFormFields() as $field) {
        if (empty($field->Name)) {
            $result->error("Field names cannot be blank. Encountered a blank {$field->Label()} field.");
            break;
        }

        if (in_array($field->Name, $seenNames)) {
            $result->error("Field Names must be unique per form. {$field->Name} was encountered more than once.");
            break;
        }
        $seenNames[] = $field->Name;

        // A default only has to match an option when the field has options.
        $default = $field->DefaultValue;
        if (
            !empty($default)
            && $field->Options()->exists()
            && !in_array($default, $field->Options()->column('Value'))
        ) {
            $result->error("The default value of {$field->getName()} must exist as an option value");
            break;
        }
    }

    // The identifier may only resolve to this very form.
    if (
        $this->FlexiFormID()
        && ($flexi = FlexiFormUtil::GetFlexiByIdentifier($this->FlexiFormID()))
        && $flexi->ID != $this->owner->ID
    ) {
        $result->error('Form Identifier in use by another form.');
    }
}