示例#1
0
 private function wordVerify()
 {
     if (!$this->isRequiredIDValid('wordVerifyID', $_GET) && !isset($_GET['wordVerifyString'])) {
         CommonErrors::fatal(COMMONERROR_BADINDEX, $this, 'Invalid word verification ID.');
     }
     if (isset($_GET['wordVerifyID'])) {
         $wordVerifyID = $_GET['wordVerifyID'];
         $graphs = new Graphs();
         $text = $graphs->getVerificationImageText($wordVerifyID);
     } else {
         $text = $_GET['wordVerifyString'];
     }
     $graph = new WordVerify($text);
     $graph->draw();
     die;
 }
示例#2
0
 /**
  * Validate all fields on the WebForm against any regular expressions provided,
  * constraints of their WFT_ field type, and for minimum and maximum size noting
  * all errors and successes appropriately.
  *
  * @return array of errors
  */
 private function validateFields()
 {
     $errors = array();
     for ($x = 0; $x < count($this->_fields); $x++) {
         $field = $this->_fields[$x];
         if ($field['type'] == WFT_CC_EXPIRATION) {
             // one or both fields left blank
             if (strlen(trim($this->getPostValue($field['id'] . 'Month'))) == 0 || strlen(trim($this->getPostValue($field['id'] . 'Year'))) == 0) {
                 if ($field['required']) {
                     $errors[] = 'You must select an card expiration month and year';
                 }
                 $monthValue = $yearValue = -1;
                 $value = '';
             } else {
                 $monthValue = intval($this->getPostValue($field['id'] . 'Month'));
                 $yearValue = intval($this->getPostValue($field['id'] . 'Year'));
                 $curYear = intval(date('Y'));
                 if ($yearValue < $curYear) {
                     $errors[] = 'The expiration year is in the past';
                 }
                 if ($monthValue < 1 || $monthValue > 12) {
                     $errors[] = 'The expiration month is not valid';
                 }
             }
         } else {
             if ($field['required'] && !strlen(trim($this->getPostValue($field['id'])))) {
                 if (strlen($field['caption']) > 0) {
                     $errors[] = $field['caption'] . ' is a required field';
                 } else {
                     $errors[] = 'This field is required';
                 }
                 $value = '';
             } else {
                 if ($field['type'] == WFT_CURRENCY) {
                     $value = trim($this->getPostValue($field['id']));
                     $value = str_replace('$', '', $value);
                     $cur = floatval($value);
                     $value = strval($cur);
                 } else {
                     if ($field['type'] == WFT_ANTI_SPAM_IMAGE) {
                         $antiSpamInput = $this->getPostValue($field['id']);
                         $wordVerifyID = $this->getPostValue('wordVerifyID');
                         $graphs = new Graphs();
                         $wordVerifyText = $graphs->getVerificationImageText($wordVerifyID);
                         if (strtoupper($antiSpamInput) != $wordVerifyText || $antiSpamInput == '') {
                             $errors[] = 'The text you entered did not correspond with the text in the security image';
                             $value = 0;
                         } else {
                             $value = 1;
                         }
                         $graphs->clearVerificationImageText($wordVerifyID);
                     } else {
                         if ($field['type'] == WFT_SELECT || $field['type'] == WFT_CC_TYPE || $field['type'] == WFT_BOOLEAN) {
                             $value = $this->getPostValue($field['id']);
                             if (!strcmp($value, 'noset')) {
                                 $errors[] = $field['caption'] . ': You must select an option';
                             }
                         } else {
                             if ($field['type'] == WFT_CC_NUMBER) {
                                 $value = '';
                                 // Clean credit card number input
                                 $cardNumber = preg_replace('/[^0-9]/', '', $this->getPostValue($field['id']));
                                 if ($field['required'] == false && !strlen($cardNumber)) {
                                     $value = '';
                                 } else {
                                     // Guess the card type by using a pregex pattern matching algorithm
                                     $cardType = $this->getCreditCardTypeByNumber($cardNumber);
                                     if ($cardType == -1) {
                                         $errors[] = 'The credit card number you entered is not a recognized Visa, MasterCard, American Express ' . 'or Discover card.';
                                     } else {
                                         if (!$this->isCardNumberValid($cardType, $cardNumber)) {
                                             $errors[] = 'The credit card number you entered has not been recognized and may be invalid.';
                                         } else {
                                             // Valid card number, now change all card type fields to match
                                             // the autodetected card type (visa, mastercard, etc.)
                                             $value = $cardNumber;
                                             $cardTypeName = $this->getCreditCardName($cardType);
                                             for ($y = 0; $y < count($this->_fields); $y++) {
                                                 if ($this->_fields[$y]['type'] == WFT_CC_TYPE) {
                                                     $this->_fields[$y]['validatedDataOverride'] = $cardTypeName;
                                                     $this->_fields[$y]['validatedData'] = $cardTypeName;
                                                 }
                                             }
                                         }
                                     }
                                 }
                             } else {
                                 $value = trim($this->getPostValue($field['id']));
                                 if (!($field['required'] == false && !strlen($value))) {
                                     if (strlen($field['regex_test']) > 0) {
                                         if (!preg_match($field['regex_test'], $value)) {
                                             $errors[] = $field['regex_fail'];
                                         }
                                     }
                                     if (strlen($value) < $field['length'][0] || strlen($value) > $field['length'][1]) {
                                         if ($field['length'][0] == $field['length'][1]) {
                                             if (strlen(trim($field['caption'])) > 0) {
                                                 $errors[] = sprintf("%s must be %d characters in length", $field['caption'], $field['length'][0]);
                                             } else {
                                                 $errors[] = sprintf("This field must be %d characters in length", $field['length'][0]);
                                             }
                                         } else {
                                             $errors[] = sprintf("%s must be between %s characters in length", $field['caption'], implode(' and ', $field['length']));
                                         }
                                     }
                                 }
                                 $value = str_replace(array("\r", "\n", "\t", "\f"), '', strip_tags($value));
                             }
                         }
                     }
                 }
             }
         }
         // Set the validated (form returned) data
         switch ($field['type']) {
             case WFT_CC_EXPIRATION:
                 if ($monthValue != -1 && $yearValue != -1) {
                     $this->_fields[$x]['validatedData'] = sprintf('%d/%d', $monthValue, $yearValue);
                 } else {
                     $this->_fields[$x]['validatedData'] = '';
                 }
                 break;
             default:
                 if (isset($this->_fields[$x]['validatedDataOverride']) && strlen($this->_fields[$x]['validatedDataOverride'])) {
                     $this->_fields[$x]['validatedData'] = $this->_fields[$x]['validatedDataOverride'];
                 } else {
                     $this->_fields[$x]['validatedData'] = $value;
                 }
                 break;
         }
     }
     return $errors;
 }