Exemplo n.º 1
Arquivo: Form.php Projeto: julesbl/ssp
 /**
  * Check data for character errors, e.g. letters in a numeric field, and return an error object on failure
  * @param string $data - data to be checked
  * @param string $dataType - data type to check against
  * @param string $description - description of field or data
  * @param bool $local - generate local error for a form field
  * @return Error|bool - Error object when the check fails, true when the data is blank or passes the check
  */
 private function dataCheck($data, $dataType, $description, $local = false)
 {
     /*
      Values accepted for $dataType and the characters each one allows:
      text     - 0 to 9, a - z, A - Z, \n \r \t . ' " + - _ space
      password - 0 to 9, a - z, A - Z
      dom      - 0-9, a-z, A-Z, ._,/ at least one dot, : & etc.
      domchk   - checks the domain
      email    - <= 128 char, @, 0-9, a-z, A-Z, _.+-
      emailchk - also checks the domain
      date     - 0 to 9, /
      time     - 0 to 9, :
      phone    - 0-9() +-. space
      int      - 0-9 -
      real     - 0-9 . - e
      hex      - 0-9, a-f, A-F
      octal    - 0-7
      bin      - 0,1
      gen      - any character - when re-displayed any special characters are
                 converted to html special entities and then converted back to
                 characters on submission
     */

     // Blank (whitespace-only) input is never sent to the checker and counts as a pass.
     if (trim($data) == "") {
         return true;
     }

     $code = $this->checkData->check($dataType, $data);
     if ($code === 0) {
         // integer 0 is the checker's "no error" result
         return true;
     }

     if (!isset($this->errorTextDataStrings[$code])) {
         // the checker reported a code that has no message configured
         $message = $this->t("No description for error code ") . $code;
     } elseif ($local) {
         // short message shown next to the form field itself
         $message = $this->t($this->errorTextDataStringsLocal[$code]);
         if ($code === 1) {
             // code 1 (character type error): the template takes the checker's detail text
             // NOTE(review): if errorMessage echoes characters taken from $data, the text
             // must be HTML-escaped wherever it is rendered - confirm in CheckData / templates.
             $message = sprintf($message, $this->checkData->errorMessage);
         }
     } else {
         // general message: wrapper template + field description + per-code text
         $wrapper = $this->t($this->errorTextData);
         $label = $this->t($description);
         $detail = $this->t($this->errorTextDataStrings[$code]);
         if ($code === 1) {
             // same detail substitution as the local branch, same escaping caveat
             $detail = sprintf($detail, $this->checkData->errorMessage);
         }
         $message = sprintf($wrapper, $label, $detail);
     }

     return new \w34u\ssp\sfc\Error($message);
 }
Exemplo n.º 2
Arquivo: test.php Projeto: julesbl/ssp
*   +44 (0)7833 512221
*
*   Project:	SSP - Testing data types
*   Routine:	test.php
*   Created:	29/09/2009
*   Descrip:	Testing the data types routines.
*
*   Revision:	a
*   Rev. Date	29/09/2009
*   Descrip:	Created.
*/
namespace w34u\ssp;

require "include.php";
// Protect instance; its ->lang property is read and written further down.
$session = new Protect();
$dataCheck = new CheckData();
// Language selector: a separate one-field form with its own template and submit variable.
$formLang = new sfc\Form(SSP_Path(), "noTable", "languageform");
$formLang->tplf = "testDatatypeLanguage.tpl";
$formLang->formSubmitVar = 'testLanguagechange';
// The select options come from the translator's language list.
$formLang->fe('select', 'language', 'Language', Protect::$tranlator->getLanguages());
// Pre-select the language currently held by the session object.
$formLang->fep('deflt = ' . $session->lang);
// Submit the form as soon as the selection changes.
$formLang->setParam('script', 'onChange="this.form.submit()"');
if ($formLang->processForm($_POST)) {
    // NOTE(review): the stored value originates from $_POST; presumably processForm()
    // only accepts one of the select options listed above - confirm in sfc\Form,
    // since the language is later used by the translation layer.
    $session->lang = $formLang->getField('language');
    // Write the session data out and end the session before handing over to SSP_Divert().
    session_write_close();
    // presumably redirects back to this script so the page reloads in the new language - confirm
    SSP_Divert(SSP_Path());
} else {
    // Form not submitted or not accepted: build its output for the page.
    $setLanguage = $formLang->create();
}
// Second form on the page, used for the data type tests, with its own template.
$form = new sfc\Form(SSP_Path(), "noTable", "testDatatype");
$form->tplf = "testDatatype.tpl";
Exemplo n.º 3
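 /**
  * Finish the configuration once the object is created.
  *
  * Turns the relative script names held in the properties into absolute URLs,
  * limits the debug flags to the configured debug IP, sets the multibyte
  * encoding and timezone, registers the template path, the translation object
  * and the pages excluded from history, and applies the session ini settings.
  */
 public function __construct()
 {
     $this->generateDSN();
     $this->checkProperties();
     // build paths to scripts
     $this->pathSite = "http://" . $this->url . "/";
     $this->pathSiteHttps = "https://" . $this->url . "/";
     // set multibyte encoding
     mb_internal_encoding($this->siteEncoding);
     // every script below becomes an absolute URL: https when useSSL is set, http otherwise
     $path = $this->useSSL ? $this->pathSiteHttps : $this->pathSite;
     $this->adminDir = $path . $this->adminDir;
     $this->logonScript = $path . $this->logonScript;
     $this->logoffScript = $path . $this->logoffScript;
     $this->passwordRecover = $path . $this->passwordRecover;
     $this->newPassword = $path . $this->newPassword;
     $this->userAdminScript = $path . $this->userAdminScript;
     $this->totalAdminScript = $path . $this->totalAdminScript;
     $this->userCreation = $path . $this->userCreation;
     $this->userConfirm = $path . $this->userConfirm;
     $this->userLister = $path . $this->userLister;
     // configure debug
     if ($this->checkDebugIp) {
         // Only the configured debug address may see debug output. A request without
         // REMOTE_ADDR (e.g. command line) cannot match and gets no debug output.
         // NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's address - confirm deployment.
         $debug = isset($_SERVER['REMOTE_ADDR'])
             && SSP_paddIp($this->debugIP) === SSP_paddIp($_SERVER['REMOTE_ADDR']);
     } else {
         $debug = true;
     }
     // `&&` is required here: `and` binds more loosely than `=`, so `$a = $a and $debug`
     // assigns $a to itself and discards $debug, leaving the debug flags enabled for
     // every client regardless of the IP check above.
     $this->loginDebug = $this->loginDebug && $debug;
     $this->accessFaultDebug = $this->accessFaultDebug && $debug;
     $this->divertDebug = $this->divertDebug && $debug;
     $this->displaySqlFaults = $this->displaySqlFaults && $debug;
     date_default_timezone_set($this->siteTimezoneIdentifier);
     Protect::setTemplatePath(__DIR__ . $this->templateDir);
     // Translation configuration
     if ($this->translate) {
         // basic language setup
         // start debug mode
         if ($this->translateDebug) {
             Translate::debug();
         }
         // configure language translation object and hand it to each class that translates text
         $SSP_lang = new Translate($this->lang, $this->translateLangs, __DIR__ . $this->translatePath);
         CheckData::addTranslation($SSP_lang);
         sfc\Form::addTranslation($SSP_lang);
         Protect::addTranslation($SSP_lang);
     }
     // set up pages not to be included in the history
     ProtectBase::addNoHistoryPage($this->logonScript);
     ProtectBase::addNoHistoryPage($this->logoffScript);
     ProtectBase::addNoHistoryPage($this->passwordRecover);
     ProtectBase::addNoHistoryPage($this->userConfirm);
     ProtectBase::addNoHistoryPage($this->newPassword);
     ProtectBase::addNoHistoryPage($this->userCreation);
     /*
      * Set up PHP initialisation parameters
      *
      * These can be ignored and set up in the php.ini if you have access
      *
      * if you need to change the parameters from the default,
      * simply uncomment the line and change the required parameter.
      */
     // specifies the name of the session which is used as cookie name. It should only contain alphanumeric characters.
     ini_set("session.name", $this->sessVarName);
     // defines the name of the handler which is used for storing and retrieving data associated with a session.
     // files - uses inbuilt php routines, only good for unix systems with small numbers of users
     // user - database using abstraction layer.
     // NOTE(review): PHP 7.2 and later reject 'user' when set through ini_set(); the handler is
     // presumably registered elsewhere with session_set_save_handler() - confirm this call is still needed.
     ini_set("session.save_handler", "user");
     // specifies the number of seconds after which a session will be seen as 'garbage' and cleaned up. Will also clean up any other temporary tables.
     ini_set("session.gc_maxlifetime", $this->sessMaxLifetime);
     // 1440 = 24 minutes
     // defines the argument which is passed to the save handler. If you choose the default files handler, this is the path where the files are created. Put in directory your system can access, but not a user with a browser.
     ini_set("session.save_path", "/usr/local/tmp");
     // specifies the probability that the gc (garbage collection) routine is started on each request, in percent when session.gc_divisor is left at 100. You might want to lower this for busy sites.
     ini_set("session.gc_probability", "10");
     // defines the name of the handler which is used to serialize/deserialize data. Currently, a PHP internal format (name php) and WDDX is supported (name wddx). WDDX is only available, if PHP is compiled with WDDX support. Defaults to php.
     // ini_set("session.serialize_handler","php");
     // the lifetime of the cookie in seconds which is sent to the browser. The value 0 means "until the browser is closed."
     // ini_set("session.cookie_lifetime","0");
     // specifies path to set in session_cookie.
     ini_set("session.cookie_path", $this->cookiePath);
     // specifies the domain to set in session_cookie.
     ini_set("session.cookie_domain", $this->cookieDomain);
     // HttpOnly keeps the session cookie away from page scripts and does not depend on
     // the transport, so it is applied to http and https sites alike.
     ini_set("session.cookie_httponly", "1");
     if ($this->useSSL) {
         // Secure is tied to useSSL: a Secure cookie is never sent over plain http,
         // so it would break sessions on a site that is not served over https.
         ini_set("session.cookie_secure", "1");
     }
 }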
Exemplo n.º 4
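/**
 * Replace $param with a request value of the same name, but only if that value passes the data check.
 *
 * The first of the two request arrays that contains $paramName decides the candidate;
 * the other array is not consulted, even when the candidate is rejected.
 * $param is left untouched when the name is absent, when the value is not a string
 * (e.g. an array built from "name[]=" input), or when the check reports an error.
 *
 * @param mixed $param - variable to update, passed by reference
 * @param string $paramName - name of the request parameter
 * @param bool $getParam - look in get vars first, otherwise post vars first
 * @param string $dataType - data type to check
 */
function SSP_changeParam(&$param, $paramName, $getParam = true, $dataType = "lable")
{
    // NOTE(review): the default type is spelled "lable"; confirm CheckData defines a type
    // with exactly this name, because how check() treats an unknown type decides whether
    // the default accepts or rejects input.
    $checkData = new CheckData();

    // search order depends on $getParam; only the first array holding the name is used
    $first = $getParam ? $_GET : $_POST;
    $second = $getParam ? $_POST : $_GET;
    if (isset($first[$paramName])) {
        $candidate = $first[$paramName];
    } elseif (isset($second[$paramName])) {
        $candidate = $second[$paramName];
    } else {
        return;
    }

    // Request values are strings or arrays; the character checks are defined on
    // strings, so anything else is rejected before it reaches the checker.
    if (!is_string($candidate)) {
        return;
    }

    // Accept only the explicit success code. check() reports "no error" as integer 0,
    // so any other return value, including an unexpected falsy one, leaves $param unchanged.
    if ($checkData->check($dataType, $candidate) === 0) {
        $param = $candidate;
    }
}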