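/**
 * Render a word-verification (anti-spam) image and end the request.
 *
 * The text to draw is taken from one of two GET parameters:
 *  - wordVerifyID: the text is looked up through Graphs by this ID;
 *  - wordVerifyString: the supplied text is drawn as given, used only when
 *    no wordVerifyID is present.
 *
 * A wordVerifyID that is present must pass isRequiredIDValid(); otherwise the
 * request is rejected with COMMONERROR_BADINDEX.
 *
 * @return void Does not return normally; the script ends after drawing.
 */
private function wordVerify()
{
    if (isset($_GET['wordVerifyID'])) {
        // An ID that is present must be valid before it reaches the lookup.
        // The earlier combined check let a malformed ID through whenever
        // wordVerifyString was also supplied, because the ID branch was
        // selected by isset() alone.
        if (!$this->isRequiredIDValid('wordVerifyID', $_GET)) {
            CommonErrors::fatal(COMMONERROR_BADINDEX, $this, 'Invalid word verification ID.');
            return; // do not depend on fatal() ending the script
        }

        $graphs = new Graphs();
        $text = $graphs->getVerificationImageText($_GET['wordVerifyID']);
    } elseif (isset($_GET['wordVerifyString']) && is_string($_GET['wordVerifyString'])) {
        // Query parameters may arrive as arrays (name[]=...); only a plain
        // string is accepted as image text.
        // NOTE(review): this path draws caller-chosen text. Confirm it is
        // only reachable where that is intended and that WordVerify bounds
        // the length of the text it renders.
        $text = $_GET['wordVerifyString'];
    } else {
        CommonErrors::fatal(COMMONERROR_BADINDEX, $this, 'Invalid word verification ID.');
        return; // do not depend on fatal() ending the script
    }

    $graph = new WordVerify($text);
    $graph->draw();
    die;
}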
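/**
 * Validate all fields on the WebForm against any regular expressions provided,
 * constraints of their WFT_ field type, and for minimum and maximum size noting
 * all errors and successes appropriately.
 *
 * For every entry in $this->_fields the posted value is read through
 * getPostValue(), checked according to the field type, and the result is
 * written back to $this->_fields[...]['validatedData']. A valid credit card
 * number also sets 'validatedDataOverride' and 'validatedData' on every
 * WFT_CC_TYPE field to the detected card name. The anti-spam check clears
 * the stored verification text once it has been compared.
 *
 * @return array of errors
 */
private function validateFields()
{
    $errors = array();
    $fieldCount = count($this->_fields);

    for ($x = 0; $x < $fieldCount; $x++) {
        $field = $this->_fields[$x];

        if ($field['type'] == WFT_CC_EXPIRATION) {
            // one or both fields left blank
            if (strlen(trim($this->getPostValue($field['id'] . 'Month'))) == 0
                || strlen(trim($this->getPostValue($field['id'] . 'Year'))) == 0
            ) {
                if ($field['required']) {
                    $errors[] = 'You must select an card expiration month and year';
                }
                // -1 marks "no expiration supplied" for the switch below.
                $monthValue = $yearValue = -1;
                $value = '';
            } else {
                $monthValue = intval($this->getPostValue($field['id'] . 'Month'));
                $yearValue = intval($this->getPostValue($field['id'] . 'Year'));
                $curYear = intval(date('Y'));
                if ($yearValue < $curYear) {
                    $errors[] = 'The expiration year is in the past';
                }
                if ($monthValue < 1 || $monthValue > 12) {
                    $errors[] = 'The expiration month is not valid';
                }
            }
        } elseif ($field['required'] && !strlen(trim($this->getPostValue($field['id'])))) {
            if (strlen($field['caption']) > 0) {
                $errors[] = $field['caption'] . ' is a required field';
            } else {
                $errors[] = 'This field is required';
            }
            $value = '';
        } elseif ($field['type'] == WFT_CURRENCY) {
            // Strip the dollar sign and normalise through float conversion.
            $value = trim($this->getPostValue($field['id']));
            $value = str_replace('$', '', $value);
            $cur = floatval($value);
            $value = strval($cur);
        } elseif ($field['type'] == WFT_ANTI_SPAM_IMAGE) {
            $antiSpamInput = $this->getPostValue($field['id']);
            // NOTE(review): wordVerifyID comes straight from the request and is
            // not validated here; confirm the Graphs lookup and clear calls
            // treat it as data (bound parameter) rather than query text.
            $wordVerifyID = $this->getPostValue('wordVerifyID');

            $graphs = new Graphs();
            $wordVerifyText = $graphs->getVerificationImageText($wordVerifyID);

            // Strict, type-checked comparison. With the earlier loose "!=" a
            // lookup that yields a non-string for an unknown ID could compare
            // equal to some inputs under PHP's type juggling, and two
            // numeric-looking strings could compare equal by value. The check
            // now passes only when both sides are non-empty strings that
            // match exactly.
            // NOTE(review): assumes getVerificationImageText() returns the
            // stored text as a string - confirm against Graphs.
            $antiSpamPassed = is_string($antiSpamInput)
                && $antiSpamInput !== ''
                && is_string($wordVerifyText)
                && $wordVerifyText !== ''
                && strtoupper($antiSpamInput) === $wordVerifyText;

            if (!$antiSpamPassed) {
                $errors[] = 'The text you entered did not correspond with the text in the security image';
                $value = 0;
            } else {
                $value = 1;
            }

            // Clear the stored text whether or not the answer matched, so one
            // image allows a single attempt.
            $graphs->clearVerificationImageText($wordVerifyID);
        } elseif ($field['type'] == WFT_SELECT || $field['type'] == WFT_CC_TYPE || $field['type'] == WFT_BOOLEAN) {
            $value = $this->getPostValue($field['id']);
            // 'noset' is the placeholder option meaning nothing was chosen.
            if (!strcmp($value, 'noset')) {
                $errors[] = $field['caption'] . ': You must select an option';
            }
        } elseif ($field['type'] == WFT_CC_NUMBER) {
            $value = '';

            // Clean credit card number input
            $cardNumber = preg_replace('/[^0-9]/', '', $this->getPostValue($field['id']));

            if ($field['required'] == false && !strlen($cardNumber)) {
                $value = '';
            } else {
                // Guess the card type by using a pregex pattern matching algorithm
                $cardType = $this->getCreditCardTypeByNumber($cardNumber);

                if ($cardType == -1) {
                    $errors[] = 'The credit card number you entered is not a recognized Visa, MasterCard, American Express '
                        . 'or Discover card.';
                } elseif (!$this->isCardNumberValid($cardType, $cardNumber)) {
                    $errors[] = 'The credit card number you entered has not been recognized and may be invalid.';
                } else {
                    // Valid card number, now change all card type fields to match
                    // the autodetected card type (visa, mastercard, etc.)
                    // NOTE(review): the full card number becomes validatedData;
                    // confirm consumers of this field do not log or persist it
                    // in clear text.
                    $value = $cardNumber;
                    $cardTypeName = $this->getCreditCardName($cardType);

                    for ($y = 0; $y < $fieldCount; $y++) {
                        if ($this->_fields[$y]['type'] == WFT_CC_TYPE) {
                            $this->_fields[$y]['validatedDataOverride'] = $cardTypeName;
                            $this->_fields[$y]['validatedData'] = $cardTypeName;
                        }
                    }
                }
            }
        } else {
            $value = trim($this->getPostValue($field['id']));

            // An optional field that was left empty skips the regex and
            // length checks.
            if (!($field['required'] == false && !strlen($value))) {
                if (strlen($field['regex_test']) > 0) {
                    if (!preg_match($field['regex_test'], $value)) {
                        $errors[] = $field['regex_fail'];
                    }
                }

                if (strlen($value) < $field['length'][0] || strlen($value) > $field['length'][1]) {
                    if ($field['length'][0] == $field['length'][1]) {
                        if (strlen(trim($field['caption'])) > 0) {
                            $errors[] = sprintf("%s must be %d characters in length", $field['caption'], $field['length'][0]);
                        } else {
                            $errors[] = sprintf("This field must be %d characters in length", $field['length'][0]);
                        }
                    } else {
                        $errors[] = sprintf("%s must be between %s characters in length", $field['caption'], implode(' and ', $field['length']));
                    }
                }
            }

            // Tags and control whitespace are stripped after the checks above,
            // so the stored value can be shorter than the value that was
            // validated. strip_tags() is not output encoding; the value still
            // has to be escaped for the context in which it is later displayed.
            $value = str_replace(array("\r", "\n", "\t", "\f"), '', strip_tags($value));
        }

        // Set the validated (form returned) data
        switch ($field['type']) {
            case WFT_CC_EXPIRATION:
                if ($monthValue != -1 && $yearValue != -1) {
                    $this->_fields[$x]['validatedData'] = sprintf('%d/%d', $monthValue, $yearValue);
                } else {
                    $this->_fields[$x]['validatedData'] = '';
                }
                break;

            default:
                // A card-type override set by a validated card number wins
                // over the posted value.
                if (isset($this->_fields[$x]['validatedDataOverride'])
                    && strlen($this->_fields[$x]['validatedDataOverride'])
                ) {
                    $this->_fields[$x]['validatedData'] = $this->_fields[$x]['validatedDataOverride'];
                } else {
                    $this->_fields[$x]['validatedData'] = $value;
                }
                break;
        }
    }

    return $errors;
}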