/**
* Sanitize a raw field value.
*
* @param string $name The name of the field to sanitize, as specified in the schema.
* @param string $value The value to be sanitized.
* @return string The sanitized value.
*/
public function sanitizeField($name, $value)
{
$schemaFields = $this->_schema->getSchema();
$fieldParameters = $schemaFields[$name];
$sanitizedValue = $value;
// Field exists in schema, so validate accordingly
if (!isset($fieldParameters['sanitizers']) || empty($fieldParameters['sanitizers'])) {
return $this->purgeHtmlCharacters($sanitizedValue);
} else {
$processed = false;
foreach ($fieldParameters['sanitizers'] as $sanitizer => $attributes) {
switch (strtolower($sanitizer)) {
case "purify":
$sanitizedValue = $this->_purifier->purify($sanitizedValue);
$processed = true;
break;
case "escape":
$sanitizedValue = $this->escapeHtmlCharacters($sanitizedValue);
$processed = true;
break;
case "purge":
$sanitizedValue = $this->purgeHtmlCharacters($sanitizedValue);
$processed = true;
break;
case "raw":
$processed = true;
break;
default:
break;
}
}
// If no sanitizers have been applied, then apply purge by default
if (!$processed) {
$sanitizedValue = $this->purgeHtmlCharacters($sanitizedValue);
}
return $sanitizedValue;
}
}
/**
* Generate FormValidation compatible rules from the specified RequestSchema, as HTML5 `data-*` attributes.
* See [Setting validator options via HTML attributes](http://formvalidation.io/examples/attribute/) as an example of what this function will generate.
*
* @return array Returns an array of rules, mapping field names -> string of data-* attributes, separated by spaces.
* Example: `data-fv-notempty data-fv-notempty-message="The gender is required"`.
*/
public function formValidationRulesHtml5()
{
$client_rules = array();
$implicit_rules = array();
foreach ($this->_schema->getSchema() as $field_name => $field) {
$field_rules = "";
$validators = $field['validators'];
foreach ($validators as $validator_name => $validator) {
// Required validator
if ($validator_name == "required") {
$prefix = "data-fv-notempty";
$field_rules .= $this->html5Attributes($validator, $prefix);
}
// String length validator
if ($validator_name == "length") {
$prefix = "data-fv-stringlength";
$field_rules .= $this->html5Attributes($validator, $prefix);
if (isset($validator['min'])) {
$field_rules .= "{$prefix}-min={$validator['min']} ";
}
if (isset($validator['max'])) {
$field_rules .= "{$prefix}-max={$validator['max']} ";
}
}
// Numeric range validator
if ($validator_name == "range") {
if (isset($validator['min']) && isset($validator['max'])) {
$prefix = "data-fv-between";
$field_rules .= $this->html5Attributes($validator, $prefix);
$field_rules .= "{$prefix}-min={$validator['min']} ";
$field_rules .= "{$prefix}-max={$validator['max']} ";
} else {
if (isset($validator['min'])) {
$prefix = "data-fv-greaterthan";
$field_rules .= $this->html5Attributes($validator, $prefix);
$field_rules .= "{$prefix}-value={$validator['min']} ";
}
if (isset($validator['max'])) {
$prefix = "data-fv-lessthan";
$field_rules .= $this->html5Attributes($validator, $prefix);
$field_rules .= "{$prefix}-value={$validator['max']} ";
}
}
}
// Integer validator
if ($validator_name == "integer") {
$prefix = "data-fv-integer";
$field_rules .= $this->html5Attributes($validator, $prefix);
}
// Array validator
if ($validator_name == "array") {
$prefix = "data-fv-choice";
$field_rules .= $this->html5Attributes($validator, $prefix);
if (isset($validator['min'])) {
$field_rules .= "{$prefix}-min={$validator['min']} ";
}
if (isset($validator['max'])) {
$field_rules .= "{$prefix}-max={$validator['max']} ";
}
}
// Email validator
if ($validator_name == "email") {
$prefix = "data-fv-emailaddress";
$field_rules .= $this->html5Attributes($validator, $prefix);
}
// Match another field
if ($validator_name == "matches") {
$prefix = "data-fv-identical";
if (isset($validator['field'])) {
$field_rules .= "{$prefix}-field={$validator['field']} ";
} else {
return null;
// TODO: throw exception
}
$field_rules = $this->html5Attributes($validator, $prefix);
// Generates validator for matched field
$implicit_rules[$validator['field']] = $field_rules;
$implicit_rules[$validator['field']] .= "{$prefix}-field={$field_name} ";
}
}
$client_rules[$field_name] = $field_rules;
}
// Merge in any implicit rules
foreach ($implicit_rules as $field_name => $field) {
$client_rules[$field_name] .= $field;
}
return $client_rules;
}
/**
*
* Generate and add rules from the schema
*/
private function generateSchemaRules()
{
foreach ($this->_schema->getSchema() as $field_name => $field) {
if (!isset($field['validators'])) {
continue;
}
$validators = $field['validators'];
foreach ($validators as $validator_name => $validator) {
if (isset($validator['message'])) {
$params = array_merge(["self" => $field_name], $validator);
$message_set = $this->_translator->translate($validator['message'], $params);
} else {
$message_set = null;
}
// Required validator
if ($validator_name == "required") {
$this->ruleWithMessage("required", $message_set, $field_name);
}
// String length validator
if ($validator_name == "length") {
if (isset($validator['min']) && isset($validator['max'])) {
$this->ruleWithMessage("lengthBetween", $message_set, $field_name, $validator['min'], $validator['max']);
} else {
if (isset($validator['min'])) {
$this->ruleWithMessage("lengthMin", $message_set, $field_name, $validator['min']);
}
if (isset($validator['max'])) {
$this->ruleWithMessage("lengthMax", $message_set, $field_name, $validator['max']);
}
}
}
// Integer validator
if ($validator_name == "integer") {
$this->ruleWithMessage("integer", $message_set, $field_name);
}
// Numeric validator
if ($validator_name == "numeric") {
$this->ruleWithMessage("numeric", $message_set, $field_name);
}
// Numeric range validator
if ($validator_name == "range") {
if (isset($validator['min'])) {
$this->ruleWithMessage("min", $message_set, $field_name, $validator['min']);
}
if (isset($validator['max'])) {
$this->ruleWithMessage("max", $message_set, $field_name, $validator['max']);
}
}
// Array validator
if ($validator_name == "array") {
// For now, just check that it is an array. Really we need a new validation rule here.
$this->ruleWithMessage("array", $message_set, $field_name);
}
// Email validator
if ($validator_name == "email") {
$this->ruleWithMessage("email", $message_set, $field_name);
}
// Match another field
if ($validator_name == "matches") {
$this->ruleWithMessage("equals", $message_set, $field_name, $validator['field']);
}
// Negation of match another field
if ($validator_name == "not_matches") {
$this->ruleWithMessage("different", $message_set, $field_name, $validator['field']);
}
// Check membership in array
if ($validator_name == "member_of") {
$this->ruleWithMessage("in", $message_set, $field_name, $validator['values'], true);
// Strict comparison
}
// Negation of membership
if ($validator_name == "not_member_of") {
$this->ruleWithMessage("notIn", $message_set, $field_name, $validator['values'], true);
// Strict comparison
}
}
}
}
