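/**
 * Builds this parameter: loads its value constraints, resolves its value from
 * the request or the stored default, applies the constraints, then derives
 * the display value.
 *
 * Value resolution
 *  - A POST value takes precedence over a GET value with the same name.
 *  - The request value is used only when the parameter is not immutable and
 *    the submitted value is a string; otherwise the stored default is used.
 *
 * Constraints run in two passes over $this->obj_hfp_vcs:
 *  1. allow-alphanum / allow-space / allow-num / allow-alpha / allow-special
 *     filter the value one byte at a time. A byte is kept when any allow rule
 *     accepts it, or when no allow rule is configured at all.
 *  2. disallowed-str and match-regex are checked against the filtered value;
 *     the first failure resets the value to the stored default.
 *
 * Changes from the previous implementation:
 *  - printable_value is now taken from the final value. It used to be copied
 *    before the constraints ran, so it kept raw request input that the
 *    constraints later stripped or rejected.
 *  - Array-valued request parameters ("name[]=x") are treated as not given;
 *    they previously reached urlencode()/string concatenation.
 *    NOTE(review): confirm no caller relies on array-valued parameters.
 *  - The preserve-encode path always stores urlencode() of the input. The old
 *    loose "!=" check treated numeric-looking strings such as " 1" and "+1" as
 *    equal and let the raw value through.
 *  - A failed preg_match() (invalid stored pattern) is handled explicitly as
 *    "does not match", and an empty disallowed string is ignored.
 *
 * @param array $obj_build_exclude Passed through unchanged to parent::build().
 * @return void
 */
public function build($obj_build_exclude = array()) {
    global $hf_parameters_given;

    parent::build($obj_build_exclude);

    // Load every constraint stored under this parameter's id.
    $this->obj_hfp_vcs = array();
    $hfp_vcs = new hfp_vcs();
    $all_constraints = $hfp_vcs->get_from_hashrange($this->id);
    if (is_array($all_constraints)) {
        foreach ($all_constraints as $each_constraint) {
            $a_hfp_vcs = new hfp_vcs();
            $a_hfp_vcs->set($each_constraint);
            $a_hfp_vcs->build();
            $this->obj_hfp_vcs[] = $a_hfp_vcs;
        }
    }

    $hfp_name = $this->parameter_name;
    $preserve_encode = intval($this->int_preserve_encode) != 0;

    // POST overrides GET when both carry the parameter.
    $request_value = null;
    if (isset($_POST[$hfp_name])) {
        $request_value = $_POST[$hfp_name];
    } elseif (isset($_GET[$hfp_name])) {
        $request_value = $_GET[$hfp_name];
    }

    // Request input is untrusted: accept it only as a string. PHP delivers
    // "name[]=x" as an array, which the string handling below cannot process.
    if (is_string($request_value) && intval($this->int_immutable) == 0) {
        if ($preserve_encode) {
            $this->value = urlencode($request_value);
        } else {
            $this->value = $request_value;
        }
        $hf_parameters_given = true;
    } else {
        // Value not given, not a string, or the parameter is immutable:
        // fall back to the stored default.
        if ($preserve_encode) {
            $this->value = $this->obj_default_value->body;
        } else {
            $this->value = urldecode($this->obj_default_value->body);
        }
    }

    $parameter_constraints = $this->obj_hfp_vcs;
    $validated_value = $this->value;

    // Pass 1: allow-* rules act as a per-byte allow-list.
    if (count($parameter_constraints) > 0) {
        $validated_value = "";
        if (isset($this->value)) {
            $fstr = "" . $this->value;
            $fstr_length = strlen($fstr);
            if ($fstr_length > 0) {
                // Byte-wise on purpose (as before): a multi-byte character is
                // examined one byte at a time.
                for ($fstri = 0; $fstri < $fstr_length; $fstri++) {
                    $character = $fstr[$fstri];
                    $bMatch = false;
                    $bEnforceRules = false;

                    foreach ($parameter_constraints as $parameter_constraint) {
                        switch ($parameter_constraint->id_constraint_type) {
                            case 'allow-alphanum':
                                $bEnforceRules = true;
                                $bMatch = ctype_alnum($character);
                                break;
                            case 'allow-space':
                                $bEnforceRules = true;
                                $bMatch = ($character === ' ');
                                break;
                            case 'allow-num':
                                $bEnforceRules = true;
                                // For a single byte this equals the old is_numeric() test.
                                $bMatch = ctype_digit($character);
                                break;
                            case 'allow-alpha':
                                $bEnforceRules = true;
                                $bMatch = ctype_alpha($character);
                                break;
                            case 'allow-special':
                                $bEnforceRules = true;
                                // The constraint text is the set of extra bytes to allow.
                                $allowed_specials = (string) $parameter_constraint->obj_constraint_text->body;
                                $bMatch = strpos($allowed_specials, $character) !== false;
                                break;
                        }

                        // One accepting rule is enough for this byte.
                        if ($bMatch) {
                            break;
                        }
                    }

                    // With no allow rule configured, every byte passes.
                    if ($bMatch || !$bEnforceRules) {
                        $validated_value .= $character;
                    }
                }
                $this->value = $validated_value;
            }
        }
    }

    // Pass 2: whole-value rules; the first failure rejects the value.
    $bMatches = true;
    foreach ($parameter_constraints as $parameter_constraint) {
        $constraint_type = $parameter_constraint->id_constraint_type;

        if ($constraint_type == 'disallowed-str') {
            $disallowed = (string) $parameter_constraint->obj_constraint_text->body;
            // An empty needle cannot disallow anything; on PHP 8 strpos()
            // would report it at offset 0 and reject every value.
            if ($disallowed !== '' && strpos($validated_value, $disallowed) !== false) {
                $bMatches = false;
            }
        } elseif ($constraint_type == 'match-regex') {
            // The pattern comes from stored constraint text. preg_match()
            // returns false for a pattern it cannot run; anything other than
            // a definite match (1) rejects the value, so a broken pattern
            // fails closed.
            if (preg_match($parameter_constraint->obj_constraint_text->body, $validated_value) !== 1) {
                $bMatches = false;
            }
        }

        if (!$bMatches) {
            break;
        }
    }

    if (!$bMatches) {
        // Rejected by a disallowed-str or match-regex rule: restore the default.
        if ($preserve_encode) {
            $this->value = $this->obj_default_value->body;
        } else {
            $this->value = urldecode($this->obj_default_value->body);
        }
    }

    // Derive the display value last so it reflects the validated value.
    // It is not escaped for any output context here; callers must encode it
    // for wherever it is rendered.
    if (is_secret($this->keyword)) {
        $this->printable_value = "*****";
    } else {
        $this->printable_value = $this->value;
    }
}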
$props['id_hf_parameter'] = $_POST['id_hf_parameter']; $props['id'] = sha1(time() . $_POST['expression']); $props['id_constraint_type'] = $_POST['id_constraint_type']; $props['str_constraint_text'] = $_POST['expression']; $new_hfp_vcs = new hfp_vcs(); $new_hfp_vcs->create($props); } } } } // delete hf parameter constraint if (isset($_GET['action'])) { if ($_GET['action'] == "delete-hf-parameter-constraint") { if (isset($_POST['id_constraint'])) { $delete_hfp_vc = new hfp_vcs(); $delete_hfp_vc->get_from_hashrange($_POST['id_hfp'], $_POST['id_constraint']); if ($delete_hfp_vc->id_hf_parameter != 'undefined') { $delete_hfp_vc->delete(); } } } } // main page - add a hf if (isset($_GET['action'])) { if ($_GET['action'] == 'delete-user-server') { if (isset($_POST['name'])) { $this_user_server = new user_server(); $this_user_server->get_from_hashrange($u->id_user, $_POST['name']); if ($this_user_server->id_user != "undefined") { $this_user_server->delete(); }