From e1ceb050e19c7574bca146a8da7047ee4ff456b5 Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Sun, 10 Jul 2016 05:02:35 -0400
Subject: [PATCH] Merge branch 'stable-3.1'
---
interface/lib/classes/tform_base.inc.php | 190 ++++++++++++++++++++++++++++-------------------
1 files changed, 114 insertions(+), 76 deletions(-)
diff --git a/interface/lib/classes/tform_base.inc.php b/interface/lib/classes/tform_base.inc.php
index 4b5a76c..0c9cda5 100644
--- a/interface/lib/classes/tform_base.inc.php
+++ b/interface/lib/classes/tform_base.inc.php
@@ -98,7 +98,7 @@
var $errorMessage = '';
var $dateformat = "d.m.Y";
- var $datetimeformat = 'd.m.Y H:i';
+ var $datetimeformat = 'd.m.Y H:i'; // is set to the correct value in loadFormDef
var $formDef = array();
var $wordbook;
var $module;
@@ -127,6 +127,7 @@
global $app, $conf;
include $file;
+ $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$form['name'] . ':on_before_formdef', $this);
$this->formDef = $form;
$this->module = $module;
@@ -150,8 +151,10 @@
$wb = $app->functions->array_merge($wb_global, $wb);
}
if(isset($wb_global)) unset($wb_global);
-
+
$this->wordbook = $wb;
+
+ $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'] . ':on_after_formdef', $this);
$this->dateformat = $app->lng('conf_format_dateshort');
$this->datetimeformat = $app->lng('conf_format_datetime');
@@ -203,7 +206,7 @@
break;
case 'DATE':
- if($record[$key] != '' && $record[$key] != '0000-00-00') {
+ if($record[$key] != '' && !is_null($record[$key]) && $record[$key] != '0000-00-00') {
$tmp = explode('-', $record[$key]);
$new_record[$key] = date($this->dateformat, mktime(0, 0, 0, $tmp[1] , $tmp[2], $tmp[0]));
}
@@ -559,6 +562,18 @@
$new_record[$key] = $this->_getDateTimeHTML($key, $dt_value, $display_seconds);
break;
+ case 'DATE':
+ if (strtotime($val) !== false) {
+ $dt_value = $val;
+ } elseif ( isset($field['default']) && (strtotime($field['default']) !== false) ) {
+ $dt_value = $field['default'];
+ } else {
+ $dt_value = 0;
+ }
+
+ $new_record[$key] = $this->_getDateHTML($key, $dt_value);
+ break;
+
default:
if(isset($record[$key])) {
$new_record[$key] = htmlspecialchars($record[$key]);
@@ -669,6 +684,12 @@
$new_record[$key] = $this->_getDateTimeHTML($key, $dt_value, $display_seconds);
break;
+
+ case 'DATE':
+ $dt_value = (isset($field['default'])) ? $field['default'] : 0;
+
+ $new_record[$key] = $this->_getDateHTML($key, $dt_value);
+ break;
default:
$new_record[$key] = htmlspecialchars($field['default']);
@@ -767,7 +788,7 @@
}
break;
case 'DATE':
- if($record[$key] != '' && $record[$key] != '0000-00-00') {
+ if($record[$key] != '' && !is_null($record[$key]) && $record[$key] != '0000-00-00') {
if(function_exists('date_parse_from_format')) {
$date_parts = date_parse_from_format($this->dateformat, $record[$key]);
$new_record[$key] = $date_parts['year'].'-'.str_pad($date_parts['month'], 2, "0", STR_PAD_LEFT).'-'.str_pad($date_parts['day'], 2, "0", STR_PAD_LEFT);
@@ -776,7 +797,7 @@
$new_record[$key] = date('Y-m-d', $tmp);
}
} else {
- $new_record[$key] = '0000-00-00';
+ $new_record[$key] = null;
}
break;
case 'INTEGER':
@@ -799,11 +820,19 @@
$new_record[$key] = date( 'Y-m-d H:i:s', mktime($_dt_hour, $_dt_minute, $_dt_second, $_dt_month, $_dt_day, $_dt_year) );
}
} else {*/
- if($record[$key] != '' && $record[$key] != '0000-00-00 00:00:00') {
- $tmp = strtotime($record[$key]);
- $new_record[$key] = date($this->datetimeformat, $tmp);
+ if($record[$key] != '' && !is_null($record[$key]) && $record[$key] != '0000-00-00 00:00:00') {
+ //$tmp = strtotime($record[$key]);
+ //$new_record[$key] = date($this->datetimeformat, $tmp);
+ $parsed_date = date_parse_from_format($this->datetimeformat,$record[$key]);
+ if($parsed_date['error_count'] > 0 || ($parsed_date['year'] == 1899 && $parsed_date['month'] == 12 && $parsed_date['day'] == 31)) {
+ // There was an error, set the date to 0
+ $new_record[$key] = null;
+ } else {
+ // Date parsed successfully. Convert it to database format
+ $new_record[$key] = date( 'Y-m-d H:i:s', mktime($parsed_date['hour'], $parsed_date['minute'], $parsed_date['second'], $parsed_date['month'], $parsed_date['day'], $parsed_date['year']) );
+ }
} else {
- $new_record[$key] = '0000-00-00 00:00:00';
+ $new_record[$key] = null;
}
/*}*/
break;
@@ -820,7 +849,7 @@
}
//* Add slashes to all records, when we encode data which shall be inserted into mysql.
- if($dbencode == true) $new_record[$key] = $app->db->quote($new_record[$key]);
+ if($dbencode == true && !is_null($new_record[$key])) $new_record[$key] = $app->db->quote($new_record[$key]);
}
}
return $new_record;
@@ -874,6 +903,9 @@
break;
case 'TRIM':
$returnval = trim($returnval);
+ break;
+ case 'NOWHITESPACE':
+ $returnval = preg_replace('/\s+/', '', $returnval);
break;
default:
$this->errorMessage .= "Unknown Filter: ".$filter['type'];
@@ -959,29 +991,37 @@
$this->errorMessage .= $errmsg."<br />\r\n";
}
}
+ break;
case 'ISEMAIL':
- if(function_exists('filter_var')) {
- if(filter_var($field_value, FILTER_VALIDATE_EMAIL) === false) {
- $errmsg = $validator['errmsg'];
- if(isset($this->wordbook[$errmsg])) {
- $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
- } else {
- $this->errorMessage .= $errmsg."<br />\r\n";
- }
- }
+ $error = false;
+ if($validator['allowempty'] != 'y') $validator['allowempty'] = 'n';
+ if($validator['allowempty'] == 'y' && $field_value == '') {
+ //* Do nothing
} else {
- if(!preg_match("/^\w+[\w\.\-\+]*\w{0,}@\w+[\w.-]*\w+\.[a-zA-Z0-9\-]{2,30}$/i", $field_value)) {
- $errmsg = $validator['errmsg'];
- if(isset($this->wordbook[$errmsg])) {
- $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
+ if(function_exists('filter_var')) {
+ if(filter_var($field_value, FILTER_VALIDATE_EMAIL) === false) {
+ $error = true;
} else {
- $this->errorMessage .= $errmsg."<br />\r\n";
+ if (!preg_match("/^[^\\+]+$/", $field_value)) { // * disallow + in local-part
+ $error = true;
+ }
}
- }
+ if ($error) {
+ $errmsg = $validator['errmsg'];
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br />\r\n";
+ }
+ }
+
+ } else $this->errorMessage .= "function filter_var missing <br />\r\n";
}
+ unset($error);
break;
case 'ISINT':
- if(function_exists('filter_var') && $field_value < 2147483647) {
+ if(function_exists('filter_var') && $field_value < PHP_INT_MAX) {
+ //if($field_value != '' && filter_var($field_value, FILTER_VALIDATE_INT, array("options" => array('min_range'=>0))) === false) {
if($field_value != '' && filter_var($field_value, FILTER_VALIDATE_INT) === false) {
$errmsg = $validator['errmsg'];
if(isset($this->wordbook[$errmsg])) {
@@ -990,9 +1030,11 @@
$this->errorMessage .= $errmsg."<br />\r\n";
}
}
- } else {
- $tmpval = $app->functions->intval($field_value);
- if($tmpval === 0 and !empty($field_value)) {
+ } else $this->errorMessage .= "function filter_var missing <br />\r\n";
+ break;
+ case 'ISPOSITIVE':
+ if(function_exists('filter_var')) {
+ if($field_value != '' && filter_var($field_value, FILTER_VALIDATE_INT, array("options" => array('min_range'=>1))) === false) {
$errmsg = $validator['errmsg'];
if(isset($this->wordbook[$errmsg])) {
$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
@@ -1000,21 +1042,10 @@
$this->errorMessage .= $errmsg."<br />\r\n";
}
}
- }
- break;
- case 'ISPOSITIVE':
- if(!is_numeric($field_value) || $field_value <= 0){
- $errmsg = $validator['errmsg'];
- if(isset($this->wordbook[$errmsg])) {
- $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
- } else {
- $this->errorMessage .= $errmsg."<br />\r\n";
- }
- }
+ } else $this->errorMessage .= "function filter_var missing <br />\r\n";
break;
case 'V6PREFIXEND':
$explode_field_value = explode(':',$field_value);
-// if ($explode_field_value[count($explode_field_value)-1]=='' && $explode_field_value[count($explode_field_value)-2]=='' ){ }
if (!$explode_field_value[count($explode_field_value)-1]=='' && $explode_field_value[count($explode_field_value)-2]!='' ) {
$errmsg = $validator['errmsg'];
if(isset($this->wordbook[$errmsg])) {
@@ -1026,7 +1057,7 @@
break;
case 'V6PREFIXLENGTH':
// find shortes ipv6 subnet can`t be longer
- $sql_v6 = $app->db->queryOneRecord("SELECT ip_address FROM server_ip WHERE ip_type = 'IPv6' AND virtualhost = 'y' ORDER BY CHAR_LENGTH(ip_address) ASC LIMIT 0,1;");
+ $sql_v6 = $app->db->queryOneRecord("SELECT ip_address FROM server_ip WHERE ip_type = 'IPv6' AND virtualhost = 'y' ORDER BY CHAR_LENGTH(ip_address) ASC LIMIT 0,1");
$sql_v6_explode=explode(':',$sql_v6['ip_address']);
$explode_field_value = explode(':',$field_value);
if (count($sql_v6_explode) < count($explode_field_value) && isset($sql_v6['ip_address'])) {
@@ -1059,23 +1090,29 @@
break;
case 'ISIPV4':
- $vip=1;
-// if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
- if(preg_match("/^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/", $field_value)){
- $groups=explode(".", $field_value);
- foreach($groups as $group){
- if($group<0 or $group>255)
- $vip=0;
+ if(function_exists('filter_var')) {
+ if(!filter_var($field_value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
+ $errmsg = $validator['errmsg'];
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br />\r\n";
+ }
}
- }else{$vip=0;}
- if($vip==0) {
- $errmsg = $validator['errmsg'];
- if(isset($this->wordbook[$errmsg])) {
- $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
- } else {
- $this->errorMessage .= $errmsg."<br />\r\n";
+ } else $this->errorMessage .= "function filter_var missing <br />\r\n";
+ break;
+
+ case 'ISIPV6':
+ if(function_exists('filter_var')) {
+ if(!filter_var($field_value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
+ $errmsg = $validator['errmsg'];
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br />\r\n";
+ }
}
- }
+ } else $this->errorMessage .= "function filter_var missing <br />\r\n";
break;
case 'ISIP':
@@ -1101,28 +1138,29 @@
$this->errorMessage .= $errmsg."<br />\r\n";
}
}
+ } else $this->errorMessage .= "function filter_var missing <br />\r\n";
+ }
+ }
+ break;
+
+ case 'ISDATETIME':
+ /* Checks a datetime value against the date format of the current language */
+ if($validator['allowempty'] != 'y') $validator['allowempty'] = 'n';
+ if($validator['allowempty'] == 'y' && $field_value == '') {
+ //* Do nothing
+ } else {
+ $parsed_date = date_parse_from_format($this->datetimeformat,$field_value);
+ if($parsed_date['error_count'] > 0 || ($parsed_date['year'] == 1899 && $parsed_date['month'] == 12 && $parsed_date['day'] == 31)) {
+ $errmsg = $validator['errmsg'];
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
} else {
- //* Check content with regex, if we use php < 5.2
- $ip_ok = 0;
- if(preg_match("/^(\:\:([a-f0-9]{1,4}\:){0,6}?[a-f0-9]{0,4}|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){0,6}?\:\:|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){1,6}?\:\:([a-f0-9]{1,4}\:){1,6}?[a-f0-9]{1,4})(\/\d{1,3})?$/i", $field_value)){
- $ip_ok = 1;
- }
-// if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
- if(preg_match("/^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/", $field_value)){
- $ip_ok = 1;
- }
- if($ip_ok == 0) {
- $errmsg = $validator['errmsg'];
- if(isset($this->wordbook[$errmsg])) {
- $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
- } else {
- $this->errorMessage .= $errmsg."<br />\r\n";
- }
- }
+ $this->errorMessage .= $errmsg."<br />\r\n";
}
}
}
break;
+
case 'RANGE':
//* Checks if the value is within the given range or above / below a value
//* Range examples: < 10 = ":10", between 2 and 10 = "2:10", above 5 = "5:".
@@ -1224,7 +1262,7 @@
}
} else {
$sql_insert_key .= "`$key`, ";
- $sql_insert_val .= "'".$record[$key]."', ";
+ $sql_insert_val .= (is_null($record[$key]) ? 'NULL' : "'".$record[$key]."'") . ", ";
}
} else {
if($field['formtype'] == 'PASSWORD') {
@@ -1251,7 +1289,7 @@
$sql_update .= "`$key` = '".$record[$key]."', ";
}
} else {
- $sql_update .= "`$key` = '".$record[$key]."', ";
+ $sql_update .= "`$key` = " . (is_null($record[$key]) ? 'NULL' : "'".$record[$key]."'") . ", ";
}
}
} else {
--
Gitblit v1.9.1