Exemplo n.º 1
0
 /**
  * @param SPEntry $entry
  * @param string $request
  * @throws SPException
  * @return bool
  */
 private function verify($entry, $request)
 {
     static $store = null;
     $directory = SPRequest::string($this->nid, null, false, $request);
     if (strtolower($request) == 'post' || strtolower($request) == 'get') {
         $data = SPRequest::file($this->nid, 'tmp_name');
     } else {
         $data = SPRequest::file($this->nid, 'tmp_name', $request);
     }
     if ($store == null) {
         $store = SPFactory::registry()->get('requestcache_stored');
     }
     if (is_array($store) && isset($store[$this->nid])) {
         if (!strstr($store[$this->nid], 'file://') && !strstr($store[$this->nid], 'directory://')) {
             $data = $store[$this->nid];
         } else {
             $directory = $store[$this->nid];
         }
     }
     if ($directory && strstr($directory, 'directory://')) {
         list($data, $dirName, $files) = $this->getAjaxFiles($directory);
         if (count($files)) {
             foreach ($files as $file) {
                 if ($file == '.') {
                     continue;
                 }
                 if ($file == '..') {
                     continue;
                 }
                 if (strpos($file, 'icon_') !== false) {
                     continue;
                 }
                 if (strpos($file, 'resized_') !== false) {
                     continue;
                 }
                 if (strpos($file, 'cropped_') !== false) {
                     continue;
                 }
                 if (strpos($file, '.var') !== false) {
                     continue;
                 }
                 $fileSize = filesize($dirName . $file);
             }
         }
     } else {
         $fileSize = SPRequest::file($this->nid, 'size');
     }
     $del = SPRequest::bool($this->nid . '_delete', false, $request);
     $dexs = strlen($data);
     if ($this->required && !$dexs) {
         $files = $this->getRaw();
         if (!count($files)) {
             throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name));
         }
     }
     if ($fileSize > $this->maxSize) {
         throw new SPException(SPLang::e('FIELD_IMG_TOO_LARGE', $this->name, $fileSize, $this->maxSize));
     }
     /* check if there was an adminField */
     if ($this->adminField && ($dexs || $del)) {
         if (!Sobi::Can('entry.adm_fields.edit')) {
             throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name));
         }
     }
     /* check if it was free */
     if (!$this->isFree && $this->fee && $dexs) {
         SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid);
     }
     /* check if it was editLimit */
     if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) {
         throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name));
     }
     /* check if it was editable */
     if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) {
         throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name));
     }
     return true;
 }
Exemplo n.º 2
0
 /**
  * @param SPEntry $entry
  * @param string $request
  * @throws SPException
  * @return array
  */
 protected function verify($entry, $request)
 {
     $save = array();
     $data = SPRequest::raw($this->nid . '_url', null, $request);
     $dexs = strlen($data);
     $data = SPFactory::db()->escape($data);
     if ($this->ownLabel) {
         $save['label'] = SPRequest::raw($this->nid, null, $request);
         /* check if there was a filter */
         if ($this->filter && strlen($save['label'])) {
             $registry =& SPFactory::registry();
             $registry->loadDBSection('fields_filter');
             $filters = $registry->get('fields_filter');
             $filter = isset($filters[$this->filter]) ? $filters[$this->filter] : null;
             if (!count($filter)) {
                 throw new SPException(SPLang::e('FIELD_FILTER_ERR', $this->filter));
             } else {
                 if (!preg_match(base64_decode($filter['params']), $save['label'])) {
                     throw new SPException(str_replace('$field', $this->name, SPLang::e($filter['description'])));
                 }
             }
         }
     }
     /* check if it was required */
     if ($this->required && !$dexs) {
         throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name));
     }
     /* check if there was an adminField */
     if ($this->adminField && $dexs) {
         if (!Sobi::Can('adm_fields.edit')) {
             throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name));
         }
     }
     /* check if it was free */
     if (!$this->isFree && $this->fee && $dexs) {
         SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid);
     }
     /* check if it should contains unique data */
     if ($this->uniqueData && $dexs) {
         $matches = $this->searchData($data, Sobi::Reg('current_section'));
         if (count($matches)) {
             throw new SPException(SPLang::e('FIELD_NOT_UNIQUE', $this->name));
         }
     }
     /* check if it was editLimit */
     if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) {
         throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name));
     }
     /* check if it was editable */
     if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) {
         throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name));
     }
     /* check the response code */
     if ($dexs && $this->validateUrl) {
         if (preg_match('/[a-z0-9]@[a-z0-9].[a-z]/i', $data)) {
             $domain = explode('@', $data, 2);
             $domain = $domain[1];
             if (!checkdnsrr($domain, 'MX')) {
                 throw new SPException(SPLang::e('FIELD_MAIL_NO_MX', $data));
             }
         } else {
             throw new SPException(SPLang::e('FIELD_MAIL_WRONG_FORM', $data));
         }
     }
     if ($dexs) {
         /* if we are here, we can save these data */
         $save['url'] = $data;
     } else {
         $save = null;
     }
     $this->setData($save);
     return $save;
 }
Exemplo n.º 3
0
 /**
  * @param SPEntry $entry
  * @param string $request
  * @param $data
  * @throws SPException
  * @return string
  */
 private function verify($entry, $request, $data)
 {
     $cdata = count($data);
     /* check if it was required */
     if ($this->required && !$cdata) {
         throw new SPException(SPLang::e('FIELD_REQUIRED_ERR_OPT', $this->name));
     }
     /* check if there was an adminField */
     if ($this->adminField && $cdata) {
         if (!Sobi::Can('entry.adm_fields.edit')) {
             throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name));
         }
     }
     /* check if it was free */
     if (!$this->isFree && $this->fee && $cdata) {
         SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid);
     }
     /* check if it was editLimit */
     if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $cdata) {
         throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name));
     }
     /* check if it was editable */
     if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $cdata && $entry->get('version') > 1) {
         throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name));
     }
     return $cdata;
 }
Exemplo n.º 4
0
 /**
  * @param SPEntry $entry
  * @param SPdb $db
  * @param string $request
  * @throws SPException
  * @return array
  */
 private function verify($entry, &$db, $request)
 {
     $save = array();
     if ($this->ownLabel) {
         $save['label'] = SPRequest::raw($this->nid, null, $request);
         /* check if there was a filter */
         if ($this->filter && strlen($save['label'])) {
             $registry =& SPFactory::registry();
             $registry->loadDBSection('fields_filter');
             $filters = $registry->get('fields_filter');
             $filter = isset($filters[$this->filter]) ? $filters[$this->filter] : null;
             if (!count($filter)) {
                 throw new SPException(SPLang::e('FIELD_FILTER_ERR', $this->filter));
             } else {
                 if (!preg_match(base64_decode($filter['params']), $save['label'])) {
                     throw new SPException(str_replace('$field', $this->name, SPLang::e($filter['description'])));
                 }
             }
         }
     }
     $data = SPRequest::raw($this->nid . '_url', null, $request);
     $save['protocol'] = $db->escape(SPRequest::word($this->nid . '_protocol', null, $request));
     $dexs = strlen($data);
     $data = $db->escape($data);
     $data = preg_replace('/([a-z]{1,5}\\:\\/\\/)/i', null, $data);
     $save['url'] = $data;
     /* check if it was required */
     if ($this->required && !$dexs) {
         throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name));
     }
     /* check if there was an adminField */
     if ($this->adminField && $dexs) {
         if (!Sobi::Can('entry.adm_fields.edit')) {
             throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name));
         }
     }
     /* check if it was free */
     if (!$this->isFree && $this->fee && $dexs) {
         SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid);
     }
     /* check if it should contains unique data */
     if ($this->uniqueData && $dexs) {
         $matches = $this->searchData($data, Sobi::Reg('current_section'));
         if (count($matches)) {
             throw new SPException(SPLang::e('FIELD_NOT_UNIQUE', $this->name));
         }
     }
     /* check if it was editLimit */
     if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) {
         throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name));
     }
     /* check if it was editable */
     if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) {
         throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name));
     }
     /* check the response code */
     if ($dexs && $this->validateUrl) {
         $rclass = SPLoader::loadClass('services.remote');
         $err = 0;
         $response = 0;
         try {
             $connection = new $rclass();
             $connection->setOptions(array('url' => $save['protocol'] . '://' . $data, 'connecttimeout' => 10, 'header' => false, 'returntransfer' => true));
             $connection->exec();
             $response = $connection->info('response_code');
             $err = $connection->error(false);
             $errTxt = $connection->error();
             $connection->close();
             if ($err) {
                 Sobi::Error($this->name(), SPLang::e('FIELD_URL_CANNOT_VALIDATE', $errTxt), SPC::WARNING, 0, __LINE__, __FILE__);
             }
         } catch (SPException $x) {
             Sobi::Error($this->name(), SPLang::e('FIELD_URL_CANNOT_VALIDATE', $x->getMessage()), SPC::WARNING, 0, __LINE__, __FILE__);
         }
         if ($err || $response != 200) {
             $response = $err ? $errTxt : $response;
             Sobi::Error($this->name(), SPLang::e('FIELD_URL_ERR', $save['protocol'] . '://' . $data, $response), SPC::WARNING, 0, __LINE__, __FILE__);
             throw new SPException(SPLang::e('FIELD_URL_ERR', $save['protocol'] . '://' . $data, $response));
         }
     }
     if (!$dexs) {
         $save = null;
     }
     return $save;
 }
Exemplo n.º 5
0
 /**
  * @param SPEntry $entry
  * @param string $request
  * @throws SPException
  * @return string
  */
 private function verify($entry, $request)
 {
     $data = SPRequest::raw($this->nid, null, $request);
     $dexs = strlen($data);
     /* check if it was required */
     if ($this->required && !$dexs) {
         throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name));
     }
     if ($dexs) {
         /* check if there was an adminField */
         if ($this->adminField) {
             if (!Sobi::Can('entry.adm_fields.edit')) {
                 throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->get('name')));
             }
         }
         /* check if it was free */
         if (!$this->isFree && $this->fee) {
             SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid);
         }
         /* check if it was editLimit */
         if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit')) {
             throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name));
         }
         /* check if it was editable */
         if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $entry->get('version') > 1) {
             throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name));
         }
         if ($this->allowHtml) {
             $checkMethod = function_exists('mb_strlen') ? 'mb_strlen' : 'strlen';
             $check = $checkMethod(str_replace(array("\n", "\r", "\t"), null, strip_tags($data)));
             if ($this->maxLength && $check > $this->maxLength) {
                 throw new SPException(SPLang::e('FIELD_TEXTAREA_LIMIT', $this->maxLength, $this->name, $dexs));
             }
         } else {
             if ($this->maxLength && $dexs > $this->maxLength) {
                 throw new SPException(SPLang::e('FIELD_TEXTAREA_LIMIT', $this->maxLength, $this->name, $dexs));
             }
         }
     }
     $data = SPRequest::string($this->nid, null, true, $request);
     $this->setData($data);
     return $data;
 }
Exemplo n.º 6
0
 /**
  * @param SPEntry $entry
  * @param string $request
  * @throws SPException
  * @return string
  */
 private function verify($entry, $request)
 {
     $data = SPRequest::raw($this->nid, null, $request);
     $dexs = strlen($data);
     /* check if it was required */
     if ($this->required && !$dexs) {
         throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name));
     }
     /* check if there was a filter */
     if ($this->filter && $dexs) {
         $registry =& SPFactory::registry();
         $registry->loadDBSection('fields_filter');
         $filters = $registry->get('fields_filter');
         $filter = isset($filters[$this->filter]) ? $filters[$this->filter] : null;
         if (!count($filter)) {
             throw new SPException(SPLang::e('FIELD_FILTER_ERR', $this->filter));
         } else {
             if (!preg_match(base64_decode($filter['params']), $data)) {
                 throw new SPException(str_replace('$field', $this->name, SPLang::e($filter['description'])));
             }
         }
     }
     /* check if there was an adminField */
     if ($this->adminField && $dexs) {
         if (!Sobi::Can('entry.adm_fields.edit')) {
             throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name));
         }
     }
     /* check if it was free */
     if (!$this->isFree && $this->fee && $dexs) {
         SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid);
     }
     /* check if it should contains unique data */
     if ($this->uniqueData && $dexs) {
         $matches = $this->searchData($data, Sobi::Reg('current_section'));
         if (count($matches) > 1 || count($matches) == 1 && $matches[0] != $entry->get('id')) {
             throw new SPException(SPLang::e('FIELD_NOT_UNIQUE', $this->name));
         }
     }
     /* check if it was editLimit */
     if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) {
         throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name));
     }
     /* check if it was editable */
     if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) {
         throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name));
     }
     if (!$dexs) {
         $data = null;
     }
     $this->setData($data);
     return $data;
 }
Exemplo n.º 7
0
 /**
  * @param SPEntry $entry
  * @param string $request
  * @throws SPException
  * @return string
  * @throw SPException
  */
 private function verify($entry, $request)
 {
     $data = SPRequest::arr($this->nid, array(), $request);
     if (!$data) {
         $dataString = SPRequest::string($this->nid, null, false, $request);
         if (strstr($dataString, '://')) {
             $data = SPFactory::config()->structuralData($dataString);
         } else {
             $dataString = SPRequest::int($this->nid, 0, $request);
             if ($dataString) {
                 $data = array($dataString);
             }
         }
     } else {
         if (count($data) > $this->catsMaxLimit && count($data) > 1) {
             $data = array_slice($data, 0, $this->catsMaxLimit);
         }
     }
     $dexs = count($data);
     /* check if it was required */
     if ($this->required && !$dexs && $this->method != 'fixed') {
         throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name));
     }
     /* check if there was an adminField */
     if ($this->adminField && $dexs && $this->method != 'fixed') {
         if (!Sobi::Can('entry.adm_fields.edit')) {
             throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name));
         }
     }
     /* check if it was free */
     if (!$this->isFree && $this->fee && $dexs) {
         SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid);
     }
     /* check if it was editLimit */
     if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) {
         throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name));
     }
     /* check if it was editable */
     if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) {
         throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name));
     }
     if (!$dexs) {
         $data = array();
     }
     $this->setData($data);
     return $data;
 }