public static function validate(&$form, $field_values, $page_number = 0, &$failed_validation_page = 0)
{
$form = apply_filters('gform_pre_validation', $form);
// validate form schedule
if (self::validate_form_schedule($form)) {
return false;
}
// validate entry limit
if (self::validate_entry_limit($form)) {
return false;
}
foreach ($form["fields"] as &$field) {
//If a page number is specified, only validates fields that are on current page
$field_in_other_page = $page_number > 0 && $field["pageNumber"] != $page_number;
//validate fields with "no duplicate" functionality when they are present on pages before the current page.
$validate_duplicate_feature = $field["noDuplicates"] && $page_number > 0 && $field["pageNumber"] <= $page_number;
if ($field_in_other_page && !$validate_duplicate_feature) {
continue;
}
//ignore validation if field is hidden or admin only
if (RGFormsModel::is_field_hidden($form, $field, $field_values) || $field["adminOnly"]) {
continue;
}
$value = RGFormsModel::get_field_value($field);
//display error message if field is marked as required and the submitted value is empty
if ($field["isRequired"] && self::is_empty($field, $form["id"])) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"];
} else {
if ($field["noDuplicates"] && RGFormsModel::is_duplicate($form["id"], $field, $value)) {
$field["failed_validation"] = true;
//set page number so the failed field displays if on multi-page form
$failed_validation_page = $field["pageNumber"];
$input_type = RGFormsModel::get_input_type($field);
switch ($input_type) {
case "date":
$default_message = __("This date has already been taken. Please select a new date.", "gravityforms");
break;
default:
$default_message = is_array($value) ? __("This field requires an unique entry and the values you entered have been already been used.", "gravityforms") : sprintf(__("This field requires an unique entry and '%s' has already been used", "gravityforms"), $value);
break;
}
$field["validation_message"] = apply_filters("gform_duplicate_message_{$form["id"]}", apply_filters("gform_duplicate_message", $default_message, $form), $form);
} else {
if (self::failed_state_validation($form["id"], $field, $value)) {
$field["failed_validation"] = true;
$field["validation_message"] = in_array($field["inputType"], array("singleproduct", "singleshipping", "hiddenproduct")) ? __("Please enter a valid value.", "gravityforms") : __("Invalid selection. Please select one of the available choices.", "gravityforms");
} else {
switch (RGFormsModel::get_input_type($field)) {
case "password":
$password = $_POST["input_" . $field["id"]];
$confirm = $_POST["input_" . $field["id"] . "_2"];
if ($password != $confirm) {
$field["failed_validation"] = true;
$field["validation_message"] = __("Your passwords do not match.", "gravityforms");
} else {
if (rgar($field, "passwordStrengthEnabled") && !rgempty("minPasswordStrength", $field) && !empty($password)) {
$strength = $_POST["input_" . $field["id"] . "_strength"];
$levels = array("short" => 1, "bad" => 2, "good" => 3, "strong" => 4);
if ($levels[$strength] < $levels[$field["minPasswordStrength"]]) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Your password does not meet the required strength. <br/>Hint: To make it stronger, use upper and lower case letters, numbers and symbols like ! \" ? \$ % ^ & ).", "gravityforms") : $field["errorMessage"];
}
}
}
break;
case "name":
if ($field["isRequired"] && $field["nameFormat"] != "simple") {
$first = $_POST["input_" . $field["id"] . "_3"];
$last = $_POST["input_" . $field["id"] . "_6"];
if (empty($first) || empty($last)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter the first and last name.", "gravityforms") : $field["errorMessage"];
}
}
break;
case "address":
if ($field["isRequired"]) {
$street = $_POST["input_" . $field["id"] . "_1"];
$city = $_POST["input_" . $field["id"] . "_3"];
$state = $_POST["input_" . $field["id"] . "_4"];
$zip = $_POST["input_" . $field["id"] . "_5"];
$country = $_POST["input_" . $field["id"] . "_6"];
if (empty($street) || empty($city) || empty($zip) || empty($state) && !$field["hideState"] || empty($country) && !$field["hideCountry"]) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter a complete address.", "gravityforms") : $field["errorMessage"];
}
}
break;
case "creditcard":
$card_number = rgpost("input_" . $field["id"] . "_1");
$expiration_date = rgpost("input_" . $field["id"] . "_2");
$security_code = rgpost("input_" . $field["id"] . "_3");
if (rgar($field, "isRequired") && (empty($card_number) || empty($security_code) || empty($expiration_date[0]) || empty($expiration_date[1]))) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter your credit card information.", "gravityforms") : $field["errorMessage"];
} else {
if (!empty($card_number)) {
$card_type = GFCommon::get_card_type($card_number);
$security_code = rgpost("input_" . $field["id"] . "_3");
if (empty($security_code)) {
$field["failed_validation"] = true;
$field["validation_message"] = __("Please enter your card's security code.", "gravityforms");
} else {
if (!$card_type) {
$field["failed_validation"] = true;
$field["validation_message"] = __("Invalid credit card number.", "gravityforms");
} else {
if (!GFCommon::is_card_supported($field, $card_type["slug"])) {
$field["failed_validation"] = true;
$field["validation_message"] = $card_type["name"] . " " . __("is not supported. Please enter one of the supported credit cards.", "gravityforms");
}
}
}
}
}
break;
case "email":
if (!rgblank($value) && !GFCommon::is_valid_email($value)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid email address.", "gravityforms") : $field["errorMessage"];
} else {
if (rgget("emailConfirmEnabled", $field) && !empty($value)) {
$confirm = rgpost("input_" . $field["id"] . "_2");
if ($confirm != $value) {
$field["failed_validation"] = true;
$field["validation_message"] = __("Your emails do not match.", "gravityforms");
}
}
}
break;
case "donation":
case "price":
if (!class_exists("RGCurrency")) {
require_once "currency.php";
}
$donation = GFCommon::to_number($value);
if (!rgblank($value) && ($donation === false || $donation < 0)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid amount.", "gravityforms") : $field["errorMessage"];
}
break;
case "number":
if (!rgblank($value) && !self::validate_range($field, $value) && !GFCommon::has_field_calculation($field)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? GFCommon::get_range_message($field) : $field["errorMessage"];
} else {
if ($field["type"] == "quantity" && intval($value) != $value) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid quantity. Quantity cannot contain decimals.", "gravityforms") : $field["errorMessage"];
}
}
break;
case "phone":
$regex = '/^\\D?(\\d{3})\\D?\\D?(\\d{3})\\D?(\\d{4})$/';
if ($field["phoneFormat"] == "standard" && !empty($value) && !preg_match($regex, $value)) {
$field["failed_validation"] = true;
if (!empty($field["errorMessage"])) {
$field["validation_message"] = $field["errorMessage"];
}
}
break;
case "date":
if (is_array($value) && rgempty(0, $value) && rgempty(1, $value) && rgempty(2, $value)) {
$value = null;
}
if (!empty($value)) {
$format = empty($field["dateFormat"]) ? "mdy" : $field["dateFormat"];
$date = GFCommon::parse_date($value, $format);
if (empty($date) || !self::checkdate($date["month"], $date["day"], $date["year"])) {
$field["failed_validation"] = true;
$format_name = "";
switch ($format) {
case "mdy":
$format_name = "mm/dd/yyyy";
break;
case "dmy":
$format_name = "dd/mm/yyyy";
break;
case "dmy_dash":
$format_name = "dd-mm-yyyy";
break;
case "dmy_dot":
$format_name = "dd.mm.yyyy";
break;
case "ymd_slash":
$format_name = "yyyy/mm/dd";
break;
case "ymd_dash":
$format_name = "yyyy-mm-dd";
break;
case "ymd_dot":
$format_name = "yyyy.mm.dd";
break;
}
$message = $field["dateType"] == "datepicker" ? sprintf(__("Please enter a valid date in the format (%s).", "gravityforms"), $format_name) : __("Please enter a valid date.", "gravityforms");
$field["validation_message"] = empty($field["errorMessage"]) ? $message : $field["errorMessage"];
}
}
break;
case "time":
//create variable values if time came in one field
if (!is_array($value) && !empty($value)) {
preg_match('/^(\\d*):(\\d*) ?(.*)$/', $value, $matches);
$value = array();
$value[0] = $matches[1];
$value[1] = $matches[2];
}
$hour = $value[0];
$minute = $value[1];
if (empty($hour) && empty($minute)) {
break;
}
$is_valid_format = is_numeric($hour) && is_numeric($minute);
$min_hour = rgar($field, "timeFormat") == "24" ? 0 : 1;
$max_hour = rgar($field, "timeFormat") == "24" ? 23 : 12;
if (!$is_valid_format || $hour < $min_hour || $hour > $max_hour || $minute < 0 || $minute >= 60) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid time.", "gravityforms") : $field["errorMessage"];
}
break;
case "website":
if (empty($value) || $value == "http://") {
$value = "";
if ($field["isRequired"]) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"];
}
}
if (!empty($value) && !GFCommon::is_valid_url($value)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid Website URL (i.e. http://www.gravityforms.com).", "gravityforms") : $field["errorMessage"];
}
break;
case "captcha":
switch ($field["captchaType"]) {
case "simple_captcha":
if (class_exists("ReallySimpleCaptcha")) {
$prefix = $_POST["input_captcha_prefix_{$field["id"]}"];
$captcha_obj = GFCommon::get_simple_captcha();
if (!$captcha_obj->check($prefix, str_replace(" ", "", $value))) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("The CAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"];
}
//removes old files in captcha folder (older than 1 hour);
$captcha_obj->cleanup();
}
break;
case "math":
$prefixes = explode(",", $_POST["input_captcha_prefix_{$field["id"]}"]);
$captcha_obj = GFCommon::get_simple_captcha();
//finding first number
$first = 0;
for ($first = 0; $first < 10; $first++) {
if ($captcha_obj->check($prefixes[0], $first)) {
break;
}
}
//finding second number
$second = 0;
for ($second = 0; $second < 10; $second++) {
if ($captcha_obj->check($prefixes[2], $second)) {
break;
}
}
//if it is a +, perform the sum
if ($captcha_obj->check($prefixes[1], "+")) {
$result = $first + $second;
} else {
$result = $first - $second;
}
if (intval($result) != intval($value)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("The CAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"];
}
//removes old files in captcha folder (older than 1 hour);
$captcha_obj->cleanup();
break;
default:
if (!function_exists("recaptcha_get_html")) {
require_once GFCommon::get_base_path() . '/recaptchalib.php';
}
$privatekey = get_option("rg_gforms_captcha_private_key");
$resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("The reCAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"];
}
}
break;
case "fileupload":
case "post_image":
$info = pathinfo($_FILES["input_" . $field["id"]]["name"]);
$allowedExtensions = self::clean_extensions(explode(",", strtolower($field["allowedExtensions"])));
$extension = strtolower(rgget("extension", $info));
if (empty($field["allowedExtensions"]) && in_array($extension, array("php", "asp", "exe", "com", "htaccess"))) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("The uploaded file type is not allowed.", "gravityforms") : $field["errorMessage"];
} else {
if (!empty($field["allowedExtensions"]) && !empty($info["basename"]) && !in_array($extension, $allowedExtensions)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? sprintf(__("The uploaded file type is not allowed. Must be one of the following: %s", "gravityforms"), strtolower($field["allowedExtensions"])) : $field["errorMessage"];
}
}
break;
case "calculation":
case "singleproduct":
case "hiddenproduct":
$quantity_id = $field["id"] . ".3";
$quantity = rgget($quantity_id, $value);
if ($field["isRequired"] && rgblank($quantity) && !rgar($field, "disableQuantity")) {
$field["failed_validation"] = true;
$field["validation_message"] = rgempty("errorMessage", $field) ? __("This field is required.", "gravityforms") : rgar($field, "errorMessage");
} else {
if (!empty($quantity) && (!is_numeric($quantity) || intval($quantity) != floatval($quantity))) {
$field["failed_validation"] = true;
$field["validation_message"] = __("Please enter a valid quantity", "gravityforms");
}
}
break;
case "radio":
if (rgar($field, 'enableOtherChoice') && $value == 'gf_other_choice') {
$value = rgpost("input_{$field['id']}_other");
}
if ($field["isRequired"] && rgar($field, 'enableOtherChoice') && $value == GFCommon::get_other_choice_value()) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"];
}
break;
}
}
}
}
$custom_validation_result = apply_filters("gform_field_validation", array("is_valid" => rgar($field, "failed_validation") ? false : true, "message" => rgar($field, "validation_message")), $value, $form, $field);
$custom_validation_result = apply_filters("gform_field_validation_{$form["id"]}", $custom_validation_result, $value, $form, $field);
$custom_validation_result = apply_filters("gform_field_validation_{$form["id"]}_{$field["id"]}", $custom_validation_result, $value, $form, $field);
$field["failed_validation"] = rgar($custom_validation_result, "is_valid") ? false : true;
$field["validation_message"] = rgar($custom_validation_result, "message");
}
$is_valid = true;
foreach ($form["fields"] as $f) {
if (rgar($f, "failed_validation")) {
$is_valid = false;
break;
}
}
$validation_result = apply_filters("gform_validation_{$form["id"]}", apply_filters("gform_validation", array("is_valid" => $is_valid, "form" => $form)));
$is_valid = $validation_result["is_valid"];
$form = $validation_result["form"];
return $is_valid;
}
public static function validate(&$form, $field_values, $page_number = 0, &$failed_validation_page = 0)
{
$form = gf_apply_filters(array('gform_pre_validation', $form['id']), $form);
// validate form schedule
if (self::validate_form_schedule($form)) {
return false;
}
// validate entry limit
if (self::validate_entry_limit($form)) {
return false;
}
// Prevent tampering with the submitted form
if (empty($_POST['is_submit_' . $form['id']])) {
return false;
}
$is_valid = true;
foreach ($form['fields'] as &$field) {
/* @var GF_Field $field */
//If a page number is specified, only validates fields that are on current page
$field_in_other_page = $page_number > 0 && $field->pageNumber != $page_number;
//validate fields with 'no duplicate' functionality when they are present on pages before the current page.
$validate_duplicate_feature = $field->noDuplicates && $page_number > 0 && $field->pageNumber <= $page_number;
if ($field_in_other_page && !$validate_duplicate_feature) {
continue;
}
// don't validate adminOnly fields.
if ($field->adminOnly) {
continue;
}
//ignore validation if field is hidden
if (RGFormsModel::is_field_hidden($form, $field, $field_values)) {
$field->is_field_hidden = true;
continue;
}
$value = RGFormsModel::get_field_value($field);
$input_type = RGFormsModel::get_input_type($field);
//display error message if field is marked as required and the submitted value is empty
if ($field->isRequired && self::is_empty($field, $form['id'])) {
$field->failed_validation = true;
$field->validation_message = empty($field->errorMessage) ? __('This field is required.', 'gravityforms') : $field->errorMessage;
} else {
if ($field->noDuplicates && RGFormsModel::is_duplicate($form['id'], $field, $value)) {
$field->failed_validation = true;
//set page number so the failed field displays if on multi-page form
$failed_validation_page = $field->pageNumber;
switch ($input_type) {
case 'date':
$default_message = __('This date has already been taken. Please select a new date.', 'gravityforms');
break;
default:
$default_message = is_array($value) ? __('This field requires a unique entry and the values you entered have been already been used.', 'gravityforms') : sprintf(__("This field requires a unique entry and '%s' has already been used", 'gravityforms'), $value);
break;
}
$field->validation_message = gf_apply_filters(array('gform_duplicate_message', $form['id']), $default_message, $form, $field, $value);
} else {
if (self::failed_state_validation($form['id'], $field, $value)) {
$field->failed_validation = true;
$field->validation_message = in_array($field->inputType, array('singleproduct', 'singleshipping', 'hiddenproduct')) ? __('Please enter a valid value.', 'gravityforms') : __('Invalid selection. Please select one of the available choices.', 'gravityforms');
} else {
$field->validate($value, $form);
}
}
}
$custom_validation_result = gf_apply_filters(array('gform_field_validation', $form['id'], $field->id), array('is_valid' => $field->failed_validation ? false : true, 'message' => $field->validation_message), $value, $form, $field);
$field->failed_validation = rgar($custom_validation_result, 'is_valid') ? false : true;
$field->validation_message = rgar($custom_validation_result, 'message');
if ($field->failed_validation) {
$is_valid = false;
}
}
$is_last_page = self::get_target_page($form, $page_number, $field_values) == '0';
if ($is_valid && $is_last_page && self::is_form_empty($form)) {
foreach ($form['fields'] as &$field) {
$field->failed_validation = true;
$field->validation_message = esc_html__('At least one field must be filled out', 'gravityforms');
$is_valid = false;
unset($field->is_field_hidden);
}
}
$validation_result = gf_apply_filters(array('gform_validation', $form['id']), array('is_valid' => $is_valid, 'form' => $form, 'failed_validation_page' => $failed_validation_page));
$is_valid = $validation_result['is_valid'];
$form = $validation_result['form'];
$failed_validation_page = $validation_result['failed_validation_page'];
return $is_valid;
}
private function validate(&$form, $field_values)
{
$form = apply_filters('gform_pre_validation', $form);
foreach ($form["fields"] as &$field) {
/*
* Skip over the following fields as we aren't processing any of them
*/
$skip_field = false;
switch (RGFormsModel::get_input_type($field)) {
case "captcha":
case "html":
case "password":
case "product":
case "coupon":
case "quantity":
case "shipping":
case "donation":
case "total":
case "singleproduct":
case "hiddenproduct":
case "singleshipping":
case "creditcard":
case "page":
case "post_image":
case "fileupload":
//ignore certain fields
$skip_field = true;
break;
}
if (isset($field['productField']) && (int) $field['productField'] > 0 || $field['type'] == 'shipping') {
$skip_field = true;
}
/* ignore validation if field is hidden or admin only */
if (RGFormsModel::is_field_hidden($form, $field, $field_values) || isset($field['adminOnly']) && $field['adminOnly']) {
$skip_field = true;
}
/* ignore user-defined restricted fields or hidden fields */
if (in_array($field['id'], $this->atts['restricted_fields']) || in_array($field['id'], $this->atts['hidden_fields'])) {
$skip_field = true;
}
if ($skip_field) {
continue;
}
$value = RGFormsModel::get_field_value($field);
//display error message if field is marked as required and the submitted value is empty
if ($field["isRequired"] && GFFormDisplay::is_empty($field, $form["id"])) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"];
} else {
if ($field["noDuplicates"] && RGFormsModel::is_duplicate($form["id"], $field, $value)) {
$field["failed_validation"] = true;
$input_type = RGFormsModel::get_input_type($field);
switch ($input_type) {
case "date":
$default_message = __("This date has already been taken. Please select a new date.", "gravityforms");
break;
default:
$default_message = is_array($value) ? __("This field requires a unique entry and the values you entered have been already been used.", "gravityforms") : sprintf(__("This field requires a unique entry and '%s' has already been used", "gravityforms"), $value);
break;
}
$field["validation_message"] = apply_filters("gform_duplicate_message_{$form["id"]}", apply_filters("gform_duplicate_message", $default_message, $form, $field, $value), $form, $field, $value);
} else {
if (GFFormDisplay::failed_state_validation($form["id"], $field, $value)) {
$field["failed_validation"] = true;
$field["validation_message"] = in_array($field["inputType"], array("singleproduct", "singleshipping", "hiddenproduct")) ? __("Please enter a valid value.", "gravityforms") : __("Invalid selection. Please select one of the available choices.", "gravityforms");
} else {
switch (RGFormsModel::get_input_type($field)) {
case "name":
if ($field["isRequired"] && $field["nameFormat"] != "simple") {
$first = $_POST["input_" . $field["id"] . "_3"];
$last = $_POST["input_" . $field["id"] . "_6"];
if (empty($first) || empty($last)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter the first and last name.", "gravityforms") : $field["errorMessage"];
}
}
break;
case "address":
if ($field["isRequired"]) {
$street = $_POST["input_" . $field["id"] . "_1"];
$city = $_POST["input_" . $field["id"] . "_3"];
$state = $_POST["input_" . $field["id"] . "_4"];
$zip = $_POST["input_" . $field["id"] . "_5"];
$country = $_POST["input_" . $field["id"] . "_6"];
if (empty($street) || empty($city) || empty($zip) || empty($state) && !$field["hideState"] || empty($country) && !$field["hideCountry"]) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter a complete address.", "gravityforms") : $field["errorMessage"];
}
}
break;
case "email":
if (!rgblank($value) && !GFCommon::is_valid_email($value)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid email address.", "gravityforms") : $field["errorMessage"];
} else {
if (rgget("emailConfirmEnabled", $field) && !empty($value)) {
$confirm = rgpost("input_" . $field["id"] . "_2");
if ($confirm != $value) {
$field["failed_validation"] = true;
$field["validation_message"] = __("Your emails do not match.", "gravityforms");
}
}
}
break;
case "price":
if (!class_exists("RGCurrency")) {
require_once "currency.php";
}
$donation = GFCommon::to_number($value);
if (!rgblank($value) && ($donation === false || $donation < 0)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid amount.", "gravityforms") : $field["errorMessage"];
}
break;
case "number":
// the POST value has already been converted from currency or decimal_comma to decimal_dot and then cleaned in get_field_value()
$value = GFCommon::maybe_add_leading_zero($value);
$raw_value = $_POST["input_" . $field["id"]];
//Raw value will be tested against the is_numeric() function to make sure it is in the right format.
$requires_valid_number = !rgblank($raw_value) && !GFCommon::has_field_calculation($field);
$is_valid_number = self::validate_range($field, $value) && GFCommon::is_numeric($raw_value, $field["numberFormat"]);
if ($requires_valid_number && !$is_valid_number) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? GFCommon::get_range_message($field) : $field["errorMessage"];
} else {
if ($field['type'] == 'quantity') {
if (intval($value) != $value) {
$field['failed_validation'] = true;
$field['validation_message'] = empty($field['errorMessage']) ? __('Please enter a valid quantity. Quantity cannot contain decimals.', 'gravityforms') : $field['errorMessage'];
} else {
if (!empty($value) && (!is_numeric($value) || intval($value) != floatval($value) || intval($value) < 0)) {
$field['failed_validation'] = true;
$field['validation_message'] = empty($field['errorMessage']) ? __('Please enter a valid quantity', 'gravityforms') : $field['errorMessage'];
}
}
}
}
break;
case "phone":
$regex = '/^\\D?(\\d{3})\\D?\\D?(\\d{3})\\D?(\\d{4})$/';
if ($field["phoneFormat"] == "standard" && $value !== "" && $value !== 0 && !preg_match($regex, $value)) {
$field["failed_validation"] = true;
if (!empty($field["errorMessage"])) {
$field["validation_message"] = $field["errorMessage"];
}
}
break;
case "date":
if (is_array($value) && rgempty(0, $value) && rgempty(1, $value) && rgempty(2, $value)) {
$value = null;
}
if (!empty($value)) {
$format = empty($field["dateFormat"]) ? "mdy" : $field["dateFormat"];
$date = GFCommon::parse_date($value, $format);
if (empty($date) || !GFFormDisplay::checkdate($date["month"], $date["day"], $date["year"])) {
$field["failed_validation"] = true;
$format_name = "";
switch ($format) {
case "mdy":
$format_name = "mm/dd/yyyy";
break;
case "dmy":
$format_name = "dd/mm/yyyy";
break;
case "dmy_dash":
$format_name = "dd-mm-yyyy";
break;
case "dmy_dot":
$format_name = "dd.mm.yyyy";
break;
case "ymd_slash":
$format_name = "yyyy/mm/dd";
break;
case "ymd_dash":
$format_name = "yyyy-mm-dd";
break;
case "ymd_dot":
$format_name = "yyyy.mm.dd";
break;
}
$message = $field["dateType"] == "datepicker" ? sprintf(__("Please enter a valid date in the format (%s).", "gravityforms"), $format_name) : __("Please enter a valid date.", "gravityforms");
$field["validation_message"] = empty($field["errorMessage"]) ? $message : $field["errorMessage"];
}
}
break;
case "time":
//create variable values if time came in one field
if (!is_array($value) && !empty($value)) {
preg_match('/^(\\d*):(\\d*) ?(.*)$/', $value, $matches);
$value = array();
$value[0] = $matches[1];
$value[1] = $matches[2];
}
$hour = $value[0];
$minute = $value[1];
if (empty($hour) && empty($minute)) {
break;
}
$is_valid_format = is_numeric($hour) && is_numeric($minute);
$min_hour = rgar($field, "timeFormat") == "24" ? 0 : 1;
$max_hour = rgar($field, "timeFormat") == "24" ? 23 : 12;
if (!$is_valid_format || $hour < $min_hour || $hour > $max_hour || $minute < 0 || $minute >= 60) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid time.", "gravityforms") : $field["errorMessage"];
}
break;
case "website":
if (empty($value) || $value == "http://") {
$value = "";
if ($field["isRequired"]) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"];
}
}
if (!empty($value) && !GFCommon::is_valid_url($value)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid Website URL (i.e. http://www.gravityforms.com).", "gravityforms") : $field["errorMessage"];
}
break;
case "calculation":
$quantity_id = $field["id"] . ".3";
$quantity = rgget($quantity_id, $value);
if ($field["isRequired"] && rgblank($quantity) && !rgar($field, "disableQuantity")) {
$field["failed_validation"] = true;
$field["validation_message"] = rgempty("errorMessage", $field) ? __("This field is required.", "gravityforms") : rgar($field, "errorMessage");
} else {
if (!empty($quantity) && (!is_numeric($quantity) || intval($quantity) != floatval($quantity) || intval($quantity) < 0)) {
$field["failed_validation"] = true;
$field["validation_message"] = __("Please enter a valid quantity", "gravityforms");
}
}
break;
case "radio":
if (rgar($field, 'enableOtherChoice') && $value == 'gf_other_choice') {
$value = rgpost("input_{$field['id']}_other");
}
if ($field["isRequired"] && rgar($field, 'enableOtherChoice') && $value == GFCommon::get_other_choice_value()) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"];
}
break;
}
}
}
}
$custom_validation_result = apply_filters("gform_field_validation", array("is_valid" => rgar($field, "failed_validation") ? false : true, "message" => rgar($field, "validation_message")), $value, $form, $field);
$custom_validation_result = apply_filters("gform_field_validation_{$form["id"]}", $custom_validation_result, $value, $form, $field);
$custom_validation_result = apply_filters("gform_field_validation_{$form["id"]}_{$field["id"]}", $custom_validation_result, $value, $form, $field);
$field["failed_validation"] = rgar($custom_validation_result, "is_valid") ? false : true;
$field["validation_message"] = rgar($custom_validation_result, "message");
}
$is_valid = true;
foreach ($form["fields"] as $f) {
if (rgar($f, "failed_validation")) {
$is_valid = false;
break;
}
}
$validation_result = apply_filters("gform_validation_{$form["id"]}", apply_filters("gform_validation", array("is_valid" => $is_valid, "form" => $form)));
$is_valid = $validation_result["is_valid"];
$form = $validation_result["form"];
return $is_valid;
}
public static function validate(&$form, $field_values, $page_number = 0)
{
$is_valid = true;
foreach ($form["fields"] as &$field) {
//If a page number is specified, only validates fields that are on current page
if ($page_number > 0 && $field["pageNumber"] != $page_number) {
continue;
}
//ignore validation if field is hidden or admin only
if (RGFormsModel::is_field_hidden($form, $field, $field_values) || $field["adminOnly"]) {
continue;
}
$value = RGFormsModel::get_field_value($field);
//display error message if field is marked as required and the submitted value is empty
if ($field["isRequired"] && self::is_empty($field, $form["id"])) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
} else {
if ($field["noDuplicates"] && RGFormsModel::is_duplicate($form["id"], $field, $value)) {
$field["failed_validation"] = true;
$field["validation_message"] = is_array($value) ? apply_filters("gform_duplicate_message_{$form["id"]}", apply_filters("gform_duplicate_message", __("This field requires an unique entry and the values you entered have been already been used", "gravityforms"), $form), $form) : apply_filters("gform_duplicate_message_{$form["id"]}", apply_filters("gform_duplicate_message", sprintf(__("This field requires an unique entry and '%s' has already been used", "gravityforms"), $value), $form), $form);
$is_valid = false;
} else {
if (self::failed_state_validation($form["id"], $field, $value)) {
$field["failed_validation"] = true;
$field["validation_message"] = in_array($field["inputType"], array("singleproduct", "singleshipping")) ? __("Please enter a valid value.", "gravityforms") : __("Invalid selection. Please select one of the available choices.", "gravityforms");
$is_valid = false;
} else {
switch (RGFormsModel::get_input_type($field)) {
case "password":
$password = $_POST["input_" . $field["id"]];
$confirm = $_POST["input_" . $field["id"] . "_2"];
if ($password != $confirm) {
$field["failed_validation"] = true;
$field["validation_message"] = __("Your passwords do not match.", "gravityforms");
$is_valid = false;
} else {
if ($field["passwordStrengthEnabled"] && !empty($field["minPasswordStrength"]) && !empty($password)) {
$strength = $_POST["input_" . $field["id"] . "_strength"];
$levels = array("short" => 1, "bad" => 2, "good" => 3, "strong" => 4);
if ($levels[$strength] < $levels[$field["minPasswordStrength"]]) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Your password does not meet the required strength. <br/>Hint: To make it stronger, use upper and lower case letters, numbers and symbols like ! \" ? \$ % ^ & ).", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
}
}
break;
case "name":
if ($field["isRequired"] && $field["nameFormat"] != "simple") {
$first = $_POST["input_" . $field["id"] . "_3"];
$last = $_POST["input_" . $field["id"] . "_6"];
if (empty($first) || empty($last)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter the first and last name.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
}
break;
case "address":
if ($field["isRequired"]) {
$street = $_POST["input_" . $field["id"] . "_1"];
$city = $_POST["input_" . $field["id"] . "_3"];
$state = $_POST["input_" . $field["id"] . "_4"];
$zip = $_POST["input_" . $field["id"] . "_5"];
$country = $_POST["input_" . $field["id"] . "_6"];
if (empty($street) || empty($city) || empty($zip) || empty($state) && !$field["hideState"] || empty($country) && !$field["hideCountry"]) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter a complete address.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
}
break;
case "email":
if (!empty($value) && !GFCommon::is_valid_email($value)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid email address.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
} else {
if (rgget("emailConfirmEnabled", $field) && !empty($value)) {
$confirm = rgpost("input_" . $field["id"] . "_2");
if ($confirm != $value) {
$field["failed_validation"] = true;
$field["validation_message"] = __("Your emails do not match.", "gravityforms");
$is_valid = false;
}
}
}
break;
case "donation":
case "price":
if (!class_exists("RGCurrency")) {
require_once "currency.php";
}
$donation = GFCommon::to_number($value);
if (!empty($value) && ($donation === false || $donation <= 0)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid donation", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
break;
case "number":
if (trim($value) != '' && !self::validate_range($field, $value)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? GFCommon::get_range_message($field) : $field["errorMessage"];
$is_valid = false;
}
break;
case "phone":
$regex = '/^\\D?(\\d{3})\\D?\\D?(\\d{3})\\D?(\\d{4})$/';
if ($field["phoneFormat"] == "standard" && !empty($value) && !preg_match($regex, $value)) {
$field["failed_validation"] = true;
if (!empty($field["errorMessage"])) {
$field["validation_message"] = $field["errorMessage"];
}
$is_valid = false;
}
break;
case "date":
if (is_array($value) && empty($value[0])) {
$value = null;
}
if (!empty($value)) {
$format = empty($field["dateFormat"]) ? "mdy" : $field["dateFormat"];
$date = GFCommon::parse_date($value, $format);
if (empty($date) || !checkdate($date["month"], $date["day"], $date["year"])) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? sprintf(__("Please enter a valid date in the format (%s).", "gravityforms"), $format == "mdy" ? "mm/dd/yyyy" : "dd/mm/yyyy") : $field["errorMessage"];
$is_valid = false;
}
}
break;
case "time":
//create variable values if time came in one field
if (!is_array($value) && !empty($value)) {
preg_match('/^(\\d*):(\\d*) (.*)$/', $value, $matches);
$value = array();
$value[0] = $matches[1];
$value[1] = $matches[2];
}
$hour = $value[0];
$minute = $value[1];
if (empty($hour) && empty($minute)) {
break;
}
$is_valid_format = is_numeric($hour) && is_numeric($minute);
if (!$is_valid_format || $hour <= 0 || $hour > 12 || $minute < 0 || $minute >= 60) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid time.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
break;
case "website":
if (empty($value) || $value == "http://") {
$value = "";
if ($field["isRequired"]) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
}
if (!empty($value) && !GFCommon::is_valid_url($value)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid Website URL (i.e. http://www.gravityforms.com).", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
break;
case "captcha":
switch ($field["captchaType"]) {
case "simple_captcha":
if (class_exists("ReallySimpleCaptcha")) {
$prefix = $_POST["input_captcha_prefix_{$field["id"]}"];
$captcha_obj = GFCommon::get_simple_captcha();
if (!$captcha_obj->check($prefix, str_replace(" ", "", $value))) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("The CAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
//removes current captcha file
$captcha_obj->remove($prefix);
//removes old files in captcha folder (older than 1 hour);
$captcha_obj->cleanup();
}
break;
case "math":
$prefixes = explode(",", $_POST["input_captcha_prefix_{$field["id"]}"]);
$captcha_obj = GFCommon::get_simple_captcha();
//finding first number
$first = 0;
for ($first = 0; $first < 10; $first++) {
if ($captcha_obj->check($prefixes[0], $first)) {
break;
}
}
//finding second number
$second = 0;
for ($second = 0; $second < 10; $second++) {
if ($captcha_obj->check($prefixes[2], $second)) {
break;
}
}
//if it is a +, perform the sum
if ($captcha_obj->check($prefixes[1], "+")) {
$result = $first + $second;
} else {
$result = $first - $second;
}
if (intval($result) != intval($value)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("The CAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
//removes current captcha file
$captcha_obj->remove($prefix);
//removes old files in captcha folder (older than 1 hour);
$captcha_obj->cleanup();
break;
default:
if (!function_exists("recaptcha_get_html")) {
require_once GFCommon::get_base_path() . '/recaptchalib.php';
}
$privatekey = get_option("rg_gforms_captcha_private_key");
$resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("The reCAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
}
break;
case "fileupload":
case "post_image":
$info = pathinfo($_FILES["input_" . $field["id"]]["name"]);
$allowedExtensions = self::clean_extensions(explode(",", strtolower($field["allowedExtensions"])));
$extension = strtolower(rgget("extension", $info));
if (empty($field["allowedExtensions"]) && in_array($extension, array("php", "asp", "exe", "com", "htaccess"))) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("The uploaded file type is not allowed.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
} else {
if (!empty($field["allowedExtensions"]) && !empty($info["basename"]) && !in_array($extension, $allowedExtensions)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? sprintf(__("The uploaded file type is not allowed. Must be one of the following: %s", "gravityforms"), strtolower($field["allowedExtensions"])) : $field["errorMessage"];
$is_valid = false;
}
}
break;
case "singleproduct":
$quantity = rgget($field["id"] . "3", $value);
if (empty($quantity)) {
$quantity = 0;
}
if (!is_numeric($quantity) || intval($quantity) != floatval($quantity)) {
$field["failed_validation"] = true;
$field["validation_message"] = __("Please enter a valid quantity", "gravityforms");
$is_valid = false;
}
break;
}
}
}
}
}
$validation_result = apply_filters("gform_validation_{$form["id"]}", apply_filters("gform_validation", array("is_valid" => $is_valid, "form" => $form)));
$is_valid = $validation_result["is_valid"];
$form = $validation_result["form"];
return $is_valid;
}
public static function validate(&$form, $field_values)
{
$is_valid = true;
foreach ($form["fields"] as &$field) {
//ignore validation if field is hidden
if (RGFormsModel::is_field_hidden($form, $field, $field_values)) {
continue;
}
$value = RGFormsModel::get_field_value($field);
//display error message if field is marked as required and the submitted value is empty
if ($field["isRequired"] && self::is_empty($field)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter a value.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
} else {
if ($field["noDuplicates"] && RGFormsModel::is_duplicate($form["id"], $field, $value)) {
$field["failed_validation"] = true;
$field["validation_message"] = is_array($value) ? __("This field requires an unique entry and the values you entered have been already been used", "gravityforms") : __(sprintf("This field requires an unique entry and '%s' has already been used", $value), "gravityforms");
$is_valid = false;
} else {
switch (RGFormsModel::get_input_type($field)) {
case "name":
if ($field["isRequired"] && $field["nameFormat"] != "simple") {
$first = $_POST["input_" . $field["id"] . "_3"];
$last = $_POST["input_" . $field["id"] . "_6"];
if (empty($first) || empty($last)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter the first and last name.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
}
break;
case "address":
if ($field["isRequired"]) {
$street = $_POST["input_" . $field["id"] . "_1"];
$city = $_POST["input_" . $field["id"] . "_3"];
$state = $_POST["input_" . $field["id"] . "_4"];
$zip = $_POST["input_" . $field["id"] . "_5"];
$country = $_POST["input_" . $field["id"] . "_6"];
if (empty($street) || empty($city) || empty($state) || empty($zip) || empty($country)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter a complete address.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
}
break;
case "email":
if (!empty($value) && !GFCommon::is_valid_email($value)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid email address.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
break;
case "number":
if (trim($value) != '' && !self::validate_range($field, $value)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? GFCommon::get_range_message($field) : $field["errorMessage"];
$is_valid = false;
}
break;
case "phone":
$regex = '/^\\D?(\\d{3})\\D?\\D?(\\d{3})\\D?(\\d{4})$/';
if ($field["phoneFormat"] == "standard" && !empty($value) && !preg_match($regex, $value)) {
$field["failed_validation"] = true;
if (!empty($field["errorMessage"])) {
$field["validation_message"] = $field["errorMessage"];
}
$is_valid = false;
}
break;
case "date":
if (is_array($value) && empty($value[0])) {
$value = null;
}
if (!empty($value)) {
$format = empty($field["dateFormat"]) ? "mdy" : $field["dateFormat"];
$date = GFCommon::parse_date($value, $format);
if (empty($date) || !checkdate($date["month"], $date["day"], $date["year"])) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __(sprintf("Please enter a valid date in the format (%s).", $format == "mdy" ? "mm/dd/yyyy" : "dd/mm/yyyy"), "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
}
break;
case "time":
//create variable values if time came in one field
if (!is_array($value) && !empty($value)) {
preg_match('/^(\\d*):(\\d*) (.*)$/', $value, $matches);
$value = array();
$value[0] = $matches[1];
$value[1] = $matches[2];
}
$hour = $value[0];
$minute = $value[1];
if (empty($hour) && empty($minute)) {
break;
}
$is_valid_format = is_numeric($hour) && is_numeric($minute);
if (!$is_valid_format || $hour <= 0 || $hour > 12 || $minute < 0 || $minute >= 60) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid time.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
break;
case "website":
if ($value == "http://") {
$value = "";
if ($field["isRequired"]) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("This field is required. Please enter a value.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
}
if (!empty($value) && !GFCommon::is_valid_url($value)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("Please enter a valid Website URL (i.e. http://www.gravityforms.com).", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
break;
case "captcha":
if (!function_exists("recaptcha_get_html")) {
require_once GFCommon::get_base_path() . '/recaptchalib.php';
}
$privatekey = get_option("rg_gforms_captcha_private_key");
$resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("The reCAPTCHA wasn't entered correctly. Go back and try it again.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
}
break;
case "fileupload":
case "post_image":
$info = pathinfo($_FILES["input_" . $field["id"]]["name"]);
$allowedExtensions = self::clean_extensions(explode(",", strtolower($field["allowedExtensions"])));
$extension = strtolower($info["extension"]);
if (empty($field["allowedExtensions"]) && in_array($extension, array("php", "asp", "exe", "com", "htaccess"))) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? __("The uploaded file type is not allowed.", "gravityforms") : $field["errorMessage"];
$is_valid = false;
} else {
if (!empty($field["allowedExtensions"]) && !empty($info["basename"]) && !in_array($extension, $allowedExtensions)) {
$field["failed_validation"] = true;
$field["validation_message"] = empty($field["errorMessage"]) ? sprintf(__("The uploaded file type is not allowed. Must be one of the following: %s", "gravityforms"), strtolower($field["allowedExtensions"])) : $field["errorMessage"];
$is_valid = false;
}
}
break;
}
}
}
}
return $is_valid;
}
