function testNumbers() { $res = true; $this->assertEqual(Input::sanitizeNumeric(10), 10); $this->assertEqual(Input::sanitizeNumeric("10"), 10); $this->assertEqual(Input::sanitizeNumeric(-3), -3); $this->assertEqual(Input::sanitizeNumeric(380243), 380243); $this->assertNotEqual(Input::sanitizeNumeric("hello world"), "hello world"); $this->assertNotEqual(Input::sanitizeNumeric("x10"), "x10"); }
public function pre_process($person) { parent::pre_process($person); /* IF user is not subscirber- or nren-admin, we stop here */ if (!($this->person->isSubscriberAdmin() || $this->person->isNRENAdmin())) { return false; } if (isset($_POST['setting'])) { switch ($_POST['setting']) { case 'nren_contact': if ($this->person->isNRENAdmin()) { if (array_key_exists('contact_email', $_POST)) { $this->form_data['contact_email'] = Input::sanitizeEmail($_POST['contact_email']); if ($_POST['contact_email'] !== $this->form_data['contact_email']) { $this->displayInvalidCharError($_POST['contact_email'], $_POST['contact_email'], 'l10n_label_contactemail'); $this->form_data['contact_email'] = ""; $this->validationError = true; } } if (array_key_exists('contact_phone', $_POST)) { $this->form_data['contact_phone'] = Input::sanitizePhone($_POST['contact_phone']); if ($_POST['contact_phone'] !== $this->form_data['contact_phone']) { $this->displayInvalidCharError($_POST['contact_phone'], $this->form_data['contact_phone'], 'l10n_label_contactphone'); $this->form_data['contact_phone'] = ""; $this->validationError = true; } } if (array_key_exists('cert_phone', $_POST)) { $this->form_data['sanitizedCertPhone'] = Input::sanitizePhone($_POST['cert_phone']); if ($_POST['cert_phone'] != $this->form_data['sanitizedCertPhone']) { $this->displayInvalidCharError($_POST['cert_phone'], $this->form_data['sanitizedCertPhone'], 'l10n_label_certphone'); $this->form_data['sanitizedCertPhone'] = ""; $this->validationError = true; } } if (array_key_exists('cert_email', $_POST)) { $this->form_data['sanitizedCertEmail'] = Input::sanitizeEmail($_POST['cert_email']); if ($_POST['cert_email'] != $this->form_data['sanitizedCertEmail']) { $this->displayInvalidCharError($_POST['cert_email'], $this->form_data['sanitizedCertEmail'], 'l10n_label_certmail'); $this->form_data['sanitizedCertEmail'] = ""; $this->validationError = true; } } if (array_key_exists('url', $_POST)) { $this->form_data['sanitizedURL'] = Input::sanitizeURL($_POST['url']); if ($_POST['url'] != $this->form_data['sanitizedURL']) { $this->displayInvalidCharError($_POST['url'], $this->form_data['sanitizedURL'], 'l10n_label_nrenurl'); $this->form_data['sanitizedURL'] = ""; $this->validationError = true; } } if (array_key_exists('wayf_url', $_POST)) { $this->form_data['sanitizedWAYF'] = Input::sanitizeURL($_POST['wayf_url']); if ($_POST['wayf_url'] != $this->form_data['sanitizedWAYF']) { $this->displayInvalidCharError($_POST['wayf_url'], $this->form_data['sanitizedWAYF'], 'l10n_label_wayfurl'); $this->form_data['sanitizedWAYF'] = ""; $this->validationError = true; } } if (array_key_exists('enable_email', $_POST) && isset($_POST['enable_email'])) { if (Config::get_config('cert_product') == PRD_PERSONAL) { if (array_key_exists($_POST['enable_email'], $this->PERSONAL_MAILOPTIONS)) { $this->form_data['enable_email'] = $_POST['enable_email']; } } else { if (array_key_exists($_POST['enable_email'], $this->ESCIENCE_MAILOPTIONS)) { $this->form_data['enable_email'] = $_POST['enable_email']; } } } if (array_key_exists('reauth_timeout', $_POST) && isset($_POST['reauth_timeout'])) { $this->form_data['reauth_timeout'] = Input::sanitizeNumeric($_POST['reauth_timeout']); } if (isset($_POST['cert_validity']) && array_search($_POST['cert_validity'], ConfusaConstants::$CAPI_VALID_PERSONAL) !== FALSE) { $this->form_data['cert_validity'] = $_POST['cert_validity']; } if (isset($_POST['language'])) { $this->form_data['language'] = Input::sanitizeLangCode($_POST['language']); } /* don't continue if information has been stripped */ if ($this->validation_error) { return; } if ($this->updateNRENContact()) { Framework::success_output($this->translateTag('l10n_suc_updatenren', 'contactinfo') . " " . $this->person->getNREN()->getName()); } } break; case 'subscriber_contact': if ($this->person->isSubscriberAdmin()) { $sanitizedMail = Input::sanitizeEmail($_POST['contact_email']); $sanitizedPhone = Input::sanitizePhone($_POST['contact_phone']); $sanitizedRespName = Input::sanitizePersonName($_POST['resp_name']); $sanitizedRespMail = Input::sanitizeEmail($_POST['resp_email']); $sanitizedHelpdeskURL = Input::sanitizeURL($_POST['helpdesk_url']); $sanitizedHelpdeskMail = Input::sanitizeEmail($_POST['helpdesk_email']); $this->validationError = false; if ($_POST['contact_email'] != $sanitizedMail) { $this->displayInvalidCharError($_POST['contact_email'], $sanitizedMail, 'l10n_label_contactemail'); $this->validationError = true; } if ($_POST['contact_phone'] != $sanitizedPhone) { $this->displayInvalidCharError($_POST['contact_phone'], $sanitizedPhone, 'l10n_label_contactphone'); $this->validationError = true; } if ($_POST['resp_name'] != $sanitizedRespName) { $this->displayInvalidCharError($_POST['resp_name'], $sanitizedRespName, 'l10n_label_respname'); $this->validationError = true; } if ($_POST['resp_email'] != $sanitizedRespMail) { $this->displayInvalidCharError($_POST['resp_email'], $sanitizedRespMail, 'l10n_label_respemail'); $this->validationError = true; } if ($_POST['helpdesk_url'] != $sanitizedHelpdeskURL) { $this->displayInvalidCharError($_POST['helpdesk_url'], $sanitizedHelpdeskURL, 'l10n_label_helpdeskurl'); $this->validationError = true; } if ($_POST['helpdesk_email'] != $sanitizedHelpdeskMail) { $this->displayInvalidCharError($_POST['helpdesk_email'], $sanitizedHelpdeskMail, 'l10n_label_helpemail'); $this->validationError = true; } /* * don't continue if data got stripped */ if ($this->validationError) { return; } $this->updateSubscriberContact($sanitizedMail, $sanitizedPhone, $sanitizedRespName, $sanitizedRespMail, $sanitizedHelpdeskURL, $sanitizedHelpdeskMail, Input::sanitizeLangCode($_POST['language'])); } break; default: Framework::error_output("Unknown action (" . htmlentities($_POST['setting']) . ")"); break; } } }