if ($field['Required']) { ?> <span style="color: #FF0000;">*</span><?php } ?> </td> <?php if ($confirm || $finished) { if ($field['ValFunction'] == 31) { // credit card number ?> <td><?php echo ccMaskNumber($_POST[$field['GFID']]); ?> (<?php echo ccCalculateType($_POST[$field['GFID']]); ?> ) <?php if (!$finished) { ?> <input name="<?php echo $field['GFID']; ?> " type="hidden" id="<?php echo $field['GFID']; ?> " value="<?php echo ccEncrypt($_POST[$field['GFID']]); ?> " <?php
// text field ?> <tr valign="top"> <td width="<?php echo $group['CaptWidth']; ?> "><?php echo $field['Caption']; ?> </td> <td><?php echo $rego[$field['UID']]; if ($field['ValFunction'] == 31) { ?> (<?php echo ccCalculateType($rego[$field['UID']]); ?> )<?php } ?> </td> </tr> <?php break; case 3: // text area ?> <tr valign="top"> <td width="<?php echo $group['CaptWidth']; ?>
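/**
 * Validate a submitted form value against a numbered validation rule.
 *
 * Rule codes handled here:
 *   11 digits only; 12 digits, spaces and dashes; 13 phone number;
 *   14 email address (syntax only); 15 web site (syntax only);
 *   21 registered username; 22 registered author; 23 registered paper title;
 *   31 credit card number; 32 credit card expiry date.
 *
 * @param mixed  $valFunction   Rule code (compared loosely, so numeric strings match).
 * @param mixed  $fieldValue    Value to check, by reference. Rules 21-23 overwrite it
 *                              with the spelling stored in the database on success.
 * @param string $message       Receives a human-readable reason when validation fails.
 * @param object $db            Database connection, required for rules 21-23.
 *                              NOTE(review): Execute()/FetchRow() are used the way ADOdb
 *                              exposes them, including Execute($sql, $bindValues) --
 *                              confirm against the connection class actually passed in.
 * @param string $acceptedCards "|"-separated list of accepted card type names (rule 31).
 *
 * @return mixed Truthy when the value is valid, falsy otherwise. The concrete value is
 *               preg_match()'s result for rules 11-15, the fetched row for rules 21-23,
 *               and a boolean for the remaining rules.
 */
function vfValidate($valFunction, &$fieldValue, &$message, $db = NULL, $acceptedCards = "")
{
    // The /D modifier makes "$" match only at the very end of the subject. Without it a
    // value with a trailing newline ("123\n") passes an anchored pattern.
    switch ($valFunction) {
        case 11: // numeric only
            return _vfMatchPattern('/^[0-9]+$/D', $fieldValue, $message,
                "Must only contain numbers.");

        case 12: // numeric only (including spaces and dashes)
            return _vfMatchPattern('/^[0-9 \-]+$/D', $fieldValue, $message,
                "Must only contain numbers, spaces and dashes.");

        case 13: // phone number (characters and basic syntax)
            return _vfMatchPattern('/^(\+[0-9]{1,3} ?)?(\([0-9]+\) ?)?[0-9][0-9 \-]+$/D',
                $fieldValue, $message, "Invalid phone number.");

        case 14: // email address (syntax only)
            return _vfMatchPattern(
                '/^([_a-z0-9-]+)(\.[_a-z0-9-]+)*@([a-z0-9-]+)(\.[a-z0-9-]+)*(\.[a-z]{2,6})$/iD',
                $fieldValue, $message, "Invalid email address.");

        case 15: // web site/page (syntax only)
            // This pattern is anchored at the start only: everything after the host part
            // is accepted unchecked. A value that passes is still untrusted text and has
            // to be escaped wherever it is rendered or stored.
            return _vfMatchPattern(
                '/^(https?:\/\/)?([a-z0-9-]+)(\.[a-z0-9-]+)*(\.[a-z]{2,6})(:[0-9]{1,5})?\/?/i',
                $fieldValue, $message, "Invalid website.");

        case 21: // registered username
        case 22: // registered author
        case 23: // registered paper name
            return _vfLookupCanonical($valFunction, $fieldValue, $message, $db);

        case 31: // credit card number
            // check card number syntax
            $cardType = ccCalculateType($fieldValue);
            if ($cardType === false) {
                $message = "Invalid credit card number.";
                return false;
            }
            // check if card is accepted
            if (!in_array($cardType, explode("|", $acceptedCards))) {
                $message = $cardType . " is not accepted.";
                return false;
            }
            // check card number checkdigit
            if (!ccCheckNumber($fieldValue)) {
                $message = "Invalid credit card number.";
                return false;
            }
            return true;

        case 32: // credit card expiry date
            $valid = ccCheckExpiry($fieldValue, $message);
            if (!$valid) {
                // keep the message from ccCheckExpiry() if it supplied one
                $message = $message > "" ? $message : "Invalid expiry date.";
            }
            return $valid;

        default:
            // Unknown rule codes are treated as "no validation" and pass, as before.
            // NOTE(review): this fails open -- confirm $valFunction always comes from
            // the form definition and never from request data.
            return true;
    }
}

/**
 * Apply one anchored pattern to the value and set the failure message on a miss.
 *
 * Non-scalar input (for example an array submitted as field[]) is rejected before it
 * reaches preg_match().
 */
function _vfMatchPattern($pattern, $fieldValue, &$message, $failureMessage)
{
    if (!is_scalar($fieldValue)) {
        $message = $failureMessage;
        return false;
    }
    $valid = preg_match($pattern, (string) $fieldValue);
    if (!$valid) {
        $message = $failureMessage;
    }
    return $valid;
}

/**
 * Check that the value exists in the database (rules 21-23) and replace it with the
 * stored spelling.
 *
 * The submitted value is passed as a bound parameter, never concatenated into the SQL
 * text. Returns the fetched row on success and false otherwise.
 */
function _vfLookupCanonical($valFunction, &$fieldValue, &$message, $db)
{
    // DB_PREFIX is application configuration; identifiers cannot be bound, so it stays
    // interpolated. It must never be derived from request data.
    $prefix = $GLOBALS['DB_PREFIX'];

    switch ($valFunction) {
        case 21:
            $column = 'MemberName';
            $sql = "SELECT MemberName FROM " . $prefix . "Member WHERE MemberName = ?";
            $notFound = "Username not in database.";
            break;
        case 22:
            $column = 'Author';
            // the original statement had no space between "AS Author" and "FROM"
            $sql = "SELECT CONCAT_WS(' ', FirstName, MiddleName, LastName) AS Author "
                 . "FROM " . $prefix . "Member "
                 . "WHERE CONCAT_WS(' ', FirstName, MiddleName, LastName) = ?";
            $notFound = "Author name not in database.";
            break;
        default: // 23
            $column = 'Title';
            $sql = "SELECT Title FROM " . $prefix . "Paper WHERE Title = ?";
            $notFound = "Paper name not in database.";
            break;
    }

    if (!is_object($db)) {
        // Fail closed instead of calling a method on NULL.
        trigger_error("vfValidate: rule " . (int) $valFunction . " needs a database connection",
            E_USER_WARNING);
        $message = $notFound;
        return false;
    }
    if (!is_scalar($fieldValue)) {
        $message = $notFound;
        return false;
    }

    $rsVal = $db->Execute($sql, array((string) $fieldValue));
    $row = $rsVal ? $rsVal->FetchRow() : false; // a failed query counts as "not found"
    if (!$row) {
        $message = $notFound;
        return false;
    }

    // Correct the case of the field value by taking it from the database. The original
    // assigned to an unused local ($fieldVal), so the caller never saw the correction.
    $fieldValue = $row[$column];
    return $row;
}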