Validate.php 40 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150
  1. <?php
  2. /**
  3. * Validation class
  4. *
  5. * Copyright (c) 1997-2006 Pierre-Alain Joye,Tomas V.V.Cox, Amir Saied
  6. *
  7. * This source file is subject to the New BSD license, That is bundled
  8. * with this package in the file LICENSE, and is available through
  9. * the world-wide-web at
  10. * http://www.opensource.org/licenses/bsd-license.php
  11. * If you did not receive a copy of the new BSDlicense and are unable
  12. * to obtain it through the world-wide-web, please send a note to
  13. * pajoye@php.net so we can mail you a copy immediately.
  14. *
  15. * Author: Tomas V.V.Cox <cox@idecnet.com>
  16. * Pierre-Alain Joye <pajoye@php.net>
  17. * Amir Mohammad Saied <amir@php.net>
  18. *
  19. *
  20. * Package to validate various datas. It includes :
  21. * - numbers (min/max, decimal or not)
  22. * - email (syntax, domain check)
  23. * - string (predifined type alpha upper and/or lowercase, numeric,...)
  24. * - date (min, max, rfc822 compliant)
  25. * - uri (RFC2396)
  26. * - possibility valid multiple data with a single method call (::multiple)
  27. *
  28. * @category Validate
  29. * @package Validate
  30. * @author Tomas V.V.Cox <cox@idecnet.com>
  31. * @author Pierre-Alain Joye <pajoye@php.net>
  32. * @author Amir Mohammad Saied <amir@php.net>
  33. * @copyright 1997-2006 Pierre-Alain Joye,Tomas V.V.Cox,Amir Mohammad Saied
  34. * @license http://www.opensource.org/licenses/bsd-license.php New BSD License
  35. * @version CVS: $Id$
  36. * @link http://pear.php.net/package/Validate
  37. */
  38. // {{{ Constants
  39. /**
  40. * Methods for common data validations
  41. */
  42. define('VALIDATE_NUM', '0-9');
  43. define('VALIDATE_SPACE', '\s');
  44. define('VALIDATE_ALPHA_LOWER', 'a-z');
  45. define('VALIDATE_ALPHA_UPPER', 'A-Z');
  46. define('VALIDATE_ALPHA', VALIDATE_ALPHA_LOWER . VALIDATE_ALPHA_UPPER);
  47. define('VALIDATE_EALPHA_LOWER', VALIDATE_ALPHA_LOWER . 'áéíóúýàèìòùäëïöüÿâêîôûãñõ¨åæç½ðøþß');
  48. define('VALIDATE_EALPHA_UPPER', VALIDATE_ALPHA_UPPER . 'ÁÉÍÓÚÝÀÈÌÒÙÄËÏÖܾÂÊÎÔÛÃÑÕ¦ÅÆǼÐØÞ');
  49. define('VALIDATE_EALPHA', VALIDATE_EALPHA_LOWER . VALIDATE_EALPHA_UPPER);
  50. define('VALIDATE_PUNCTUATION', VALIDATE_SPACE . '\.,;\:&"\'\?\!\(\)');
  51. define('VALIDATE_NAME', VALIDATE_EALPHA . VALIDATE_SPACE . "'" . '\-');
  52. define('VALIDATE_STREET', VALIDATE_NUM . VALIDATE_NAME . "/\\ºª\.");
  53. define('VALIDATE_ITLD_EMAILS', 1);
  54. define('VALIDATE_GTLD_EMAILS', 2);
  55. define('VALIDATE_CCTLD_EMAILS', 4);
  56. define('VALIDATE_ALL_EMAILS', 8);
  57. // }}}
  58. /**
  59. * Validation class
  60. *
  61. * Package to validate various datas. It includes :
  62. * - numbers (min/max, decimal or not)
  63. * - email (syntax, domain check)
  64. * - string (predifined type alpha upper and/or lowercase, numeric,...)
  65. * - date (min, max)
  66. * - uri (RFC2396)
  67. * - possibility valid multiple data with a single method call (::multiple)
  68. *
  69. * @category Validate
  70. * @package Validate
  71. * @author Tomas V.V.Cox <cox@idecnet.com>
  72. * @author Pierre-Alain Joye <pajoye@php.net>
  73. * @author Amir Mohammad Saied <amir@php.net>
  74. * @copyright 1997-2006 Pierre-Alain Joye,Tomas V.V.Cox,Amir Mohammad Saied
  75. * @license http://www.opensource.org/licenses/bsd-license.php New BSD License
  76. * @version Release: @package_version@
  77. * @link http://pear.php.net/package/Validate
  78. */
  79. class Validate
  80. {
  81. // {{{ International, Generic and Country code TLDs
  82. /**
  83. * International Top-Level Domain
  84. *
  85. * This is an array of the known international
  86. * top-level domain names.
  87. *
  88. * @access protected
  89. * @var array $_iTld (International top-level domains)
  90. */
  91. var $_itld = array(
  92. 'arpa',
  93. 'root',
  94. );
  95. /**
  96. * Generic top-level domain
  97. *
  98. * This is an array of the official
  99. * generic top-level domains.
  100. *
  101. * @access protected
  102. * @var array $_gTld (Generic top-level domains)
  103. */
  104. var $_gtld = array(
  105. 'aero',
  106. 'biz',
  107. 'cat',
  108. 'com',
  109. 'coop',
  110. 'edu',
  111. 'gov',
  112. 'info',
  113. 'int',
  114. 'jobs',
  115. 'mil',
  116. 'mobi',
  117. 'museum',
  118. 'name',
  119. 'net',
  120. 'org',
  121. 'pro',
  122. 'travel',
  123. 'asia',
  124. 'post',
  125. 'tel',
  126. 'geo',
  127. );
  128. /**
  129. * Country code top-level domains
  130. *
  131. * This is an array of the official country
  132. * codes top-level domains
  133. *
  134. * @access protected
  135. * @var array $_ccTld (Country Code Top-Level Domain)
  136. */
  137. var $_cctld = array(
  138. 'ac',
  139. 'ad','ae','af','ag',
  140. 'ai','al','am','an',
  141. 'ao','aq','ar','as',
  142. 'at','au','aw','ax',
  143. 'az','ba','bb','bd',
  144. 'be','bf','bg','bh',
  145. 'bi','bj','bm','bn',
  146. 'bo','br','bs','bt',
  147. 'bu','bv','bw','by',
  148. 'bz','ca','cc','cd',
  149. 'cf','cg','ch','ci',
  150. 'ck','cl','cm','cn',
  151. 'co','cr','cs','cu',
  152. 'cv','cx','cy','cz',
  153. 'de','dj','dk','dm',
  154. 'do','dz','ec','ee',
  155. 'eg','eh','er','es',
  156. 'et','eu','fi','fj',
  157. 'fk','fm','fo','fr',
  158. 'ga','gb','gd','ge',
  159. 'gf','gg','gh','gi',
  160. 'gl','gm','gn','gp',
  161. 'gq','gr','gs','gt',
  162. 'gu','gw','gy','hk',
  163. 'hm','hn','hr','ht',
  164. 'hu','id','ie','il',
  165. 'im','in','io','iq',
  166. 'ir','is','it','je',
  167. 'jm','jo','jp','ke',
  168. 'kg','kh','ki','km',
  169. 'kn','kp','kr','kw',
  170. 'ky','kz','la','lb',
  171. 'lc','li','lk','lr',
  172. 'ls','lt','lu','lv',
  173. 'ly','ma','mc','md',
  174. 'me','mg','mh','mk',
  175. 'ml','mm','mn','mo',
  176. 'mp','mq','mr','ms',
  177. 'mt','mu','mv','mw',
  178. 'mx','my','mz','na',
  179. 'nc','ne','nf','ng',
  180. 'ni','nl','no','np',
  181. 'nr','nu','nz','om',
  182. 'pa','pe','pf','pg',
  183. 'ph','pk','pl','pm',
  184. 'pn','pr','ps','pt',
  185. 'pw','py','qa','re',
  186. 'ro','rs','ru','rw',
  187. 'sa','sb','sc','sd',
  188. 'se','sg','sh','si',
  189. 'sj','sk','sl','sm',
  190. 'sn','so','sr','st',
  191. 'su','sv','sy','sz',
  192. 'tc','td','tf','tg',
  193. 'th','tj','tk','tl',
  194. 'tm','tn','to','tp',
  195. 'tr','tt','tv','tw',
  196. 'tz','ua','ug','uk',
  197. 'us','uy','uz','va',
  198. 'vc','ve','vg','vi',
  199. 'vn','vu','wf','ws',
  200. 'ye','yt','yu','za',
  201. 'zm','zw',
  202. );
  203. // }}}
  204. /**
  205. * Validate a tag URI (RFC4151)
  206. *
  207. * @param string $uri tag URI to validate
  208. *
  209. * @return boolean true if valid tag URI, false if not
  210. *
  211. * @access private
  212. */
  213. function __uriRFC4151($uri)
  214. {
  215. $datevalid = false;
  216. if (preg_match(
  217. '/^tag:(?<name>.*),(?<date>\d{4}-?\d{0,2}-?\d{0,2}):(?<specific>.*)(.*:)*$/', $uri, $matches)) {
  218. $date = $matches['date'];
  219. $date6 = strtotime($date);
  220. if ((strlen($date) == 4) && $date <= date('Y')) {
  221. $datevalid = true;
  222. } elseif ((strlen($date) == 7) && ($date6 < strtotime("now"))) {
  223. $datevalid = true;
  224. } elseif ((strlen($date) == 10) && ($date6 < strtotime("now"))) {
  225. $datevalid = true;
  226. }
  227. if (self::email($matches['name'])) {
  228. $namevalid = true;
  229. } else {
  230. $namevalid = self::email('info@' . $matches['name']);
  231. }
  232. return $datevalid && $namevalid;
  233. } else {
  234. return false;
  235. }
  236. }
  237. /**
  238. * Validate a number
  239. *
  240. * @param string $number Number to validate
  241. * @param array $options array where:
  242. * 'decimal' is the decimal char or false when decimal
  243. * not allowed.
  244. * i.e. ',.' to allow both ',' and '.'
  245. * 'dec_prec' Number of allowed decimals
  246. * 'min' minimum value
  247. * 'max' maximum value
  248. *
  249. * @return boolean true if valid number, false if not
  250. *
  251. * @access public
  252. */
  253. function number($number, $options = array())
  254. {
  255. $decimal = $dec_prec = $min = $max = null;
  256. if (is_array($options)) {
  257. extract($options);
  258. }
  259. $dec_prec = $dec_prec ? "{1,$dec_prec}" : '+';
  260. $dec_regex = $decimal ? "[$decimal][0-9]$dec_prec" : '';
  261. if (!preg_match("|^[-+]?\s*[0-9]+($dec_regex)?\$|", $number)) {
  262. return false;
  263. }
  264. if ($decimal != '.') {
  265. $number = strtr($number, $decimal, '.');
  266. }
  267. $number = (float)str_replace(' ', '', $number);
  268. if ($min !== null && $min > $number) {
  269. return false;
  270. }
  271. if ($max !== null && $max < $number) {
  272. return false;
  273. }
  274. return true;
  275. }
  276. /**
  277. * Converting a string to UTF-7 (RFC 2152)
  278. *
  279. * @param string $string string to be converted
  280. *
  281. * @return string converted string
  282. *
  283. * @access private
  284. */
  285. function __stringToUtf7($string)
  286. {
  287. $return = '';
  288. $utf7 = array(
  289. 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K',
  290. 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V',
  291. 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g',
  292. 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r',
  293. 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2',
  294. '3', '4', '5', '6', '7', '8', '9', '+', ','
  295. );
  296. $state = 0;
  297. if (!empty($string)) {
  298. $i = 0;
  299. while ($i <= strlen($string)) {
  300. $char = substr($string, $i, 1);
  301. if ($state == 0) {
  302. if ((ord($char) >= 0x7F) || (ord($char) <= 0x1F)) {
  303. if ($char) {
  304. $return .= '&';
  305. }
  306. $state = 1;
  307. } elseif ($char == '&') {
  308. $return .= '&-';
  309. } else {
  310. $return .= $char;
  311. }
  312. } elseif (($i == strlen($string) ||
  313. !((ord($char) >= 0x7F)) || (ord($char) <= 0x1F))) {
  314. if ($state != 1) {
  315. if (ord($char) > 64) {
  316. $return .= '';
  317. } else {
  318. $return .= $utf7[ord($char)];
  319. }
  320. }
  321. $return .= '-';
  322. $state = 0;
  323. } else {
  324. switch($state) {
  325. case 1:
  326. $return .= $utf7[ord($char) >> 2];
  327. $residue = (ord($char) & 0x03) << 4;
  328. $state = 2;
  329. break;
  330. case 2:
  331. $return .= $utf7[$residue | (ord($char) >> 4)];
  332. $residue = (ord($char) & 0x0F) << 2;
  333. $state = 3;
  334. break;
  335. case 3:
  336. $return .= $utf7[$residue | (ord($char) >> 6)];
  337. $return .= $utf7[ord($char) & 0x3F];
  338. $state = 1;
  339. break;
  340. }
  341. }
  342. $i++;
  343. }
  344. return $return;
  345. }
  346. return '';
  347. }
  348. /**
  349. * Validate an email according to full RFC822 (inclusive human readable part)
  350. *
  351. * @param string $email email to validate,
  352. * will return the address for optional dns validation
  353. * @param array $options email() options
  354. *
  355. * @return boolean true if valid email, false if not
  356. *
  357. * @access private
  358. */
  359. function __emailRFC822(&$email, &$options)
  360. {
  361. static $address = null;
  362. static $uncomment = null;
  363. if (!$address) {
  364. // atom = 1*<any CHAR except specials, SPACE and CTLs>
  365. $atom = '[^][()<>@,;:\\".\s\000-\037\177-\377]+\s*';
  366. // qtext = <any CHAR excepting <">, ; => may be folded
  367. // "\" & CR, and including linear-white-space>
  368. $qtext = '[^"\\\\\r]';
  369. // quoted-pair = "\" CHAR ; may quote any char
  370. $quoted_pair = '\\\\.';
  371. // quoted-string = <"> *(qtext/quoted-pair) <">; Regular qtext or
  372. // ; quoted chars.
  373. $quoted_string = '"(?:' . $qtext . '|' . $quoted_pair . ')*"\s*';
  374. // word = atom / quoted-string
  375. $word = '(?:' . $atom . '|' . $quoted_string . ')';
  376. // local-part = word *("." word) ; uninterpreted
  377. // ; case-preserved
  378. $local_part = $word . '(?:\.\s*' . $word . ')*';
  379. // dtext = <any CHAR excluding "[", ; => may be folded
  380. // "]", "\" & CR, & including linear-white-space>
  381. $dtext = '[^][\\\\\r]';
  382. // domain-literal = "[" *(dtext / quoted-pair) "]"
  383. $domain_literal = '\[(?:' . $dtext . '|' . $quoted_pair . ')*\]\s*';
  384. // sub-domain = domain-ref / domain-literal
  385. // domain-ref = atom ; symbolic reference
  386. $sub_domain = '(?:' . $atom . '|' . $domain_literal . ')';
  387. // domain = sub-domain *("." sub-domain)
  388. $domain = $sub_domain . '(?:\.\s*' . $sub_domain . ')*';
  389. // addr-spec = local-part "@" domain ; global address
  390. $addr_spec = $local_part . '@\s*' . $domain;
  391. // route = 1#("@" domain) ":" ; path-relative
  392. $route = '@' . $domain . '(?:,@\s*' . $domain . ')*:\s*';
  393. // route-addr = "<" [route] addr-spec ">"
  394. $route_addr = '<\s*(?:' . $route . ')?' . $addr_spec . '>\s*';
  395. // phrase = 1*word ; Sequence of words
  396. $phrase = $word . '+';
  397. // mailbox = addr-spec ; simple address
  398. // / phrase route-addr ; name & addr-spec
  399. $mailbox = '(?:' . $addr_spec . '|' . $phrase . $route_addr . ')';
  400. // group = phrase ":" [#mailbox] ";"
  401. $group = $phrase . ':\s*(?:' . $mailbox . '(?:,\s*' . $mailbox . ')*)?;\s*';
  402. // address = mailbox ; one addressee
  403. // / group ; named list
  404. $address = '/^\s*(?:' . $mailbox . '|' . $group . ')$/';
  405. $uncomment =
  406. '/((?:(?:\\\\"|[^("])*(?:' . $quoted_string .
  407. ')?)*)((?<!\\\\)\((?:(?2)|.)*?(?<!\\\\)\))/';
  408. }
  409. // strip comments
  410. $email = preg_replace($uncomment, '$1 ', $email);
  411. return preg_match($address, $email);
  412. }
  413. /**
  414. * Full TLD Validation function
  415. *
  416. * This function is used to make a much more proficient validation
  417. * against all types of official domain names.
  418. *
  419. * @param string $email The email address to check.
  420. * @param array $options The options for validation
  421. *
  422. * @access protected
  423. *
  424. * @return bool True if validating succeeds
  425. */
  426. function _fullTLDValidation($email, $options)
  427. {
  428. $validate = array();
  429. if(!empty($options["VALIDATE_ITLD_EMAILS"])) array_push($validate, 'itld');
  430. if(!empty($options["VALIDATE_GTLD_EMAILS"])) array_push($validate, 'gtld');
  431. if(!empty($options["VALIDATE_CCTLD_EMAILS"])) array_push($validate, 'cctld');
  432. if (count($validate) === 0) {
  433. array_push($validate, 'itld', 'gtld', 'cctld');
  434. }
  435. $self = new Validate;
  436. $toValidate = array();
  437. foreach ($validate as $valid) {
  438. $tmpVar = '_' . (string)$valid;
  439. $toValidate[$valid] = $self->{$tmpVar};
  440. }
  441. $e = $self->executeFullEmailValidation($email, $toValidate);
  442. return $e;
  443. }
  444. /**
  445. * Execute the validation
  446. *
  447. * This function will execute the full email vs tld
  448. * validation using an array of tlds passed to it.
  449. *
  450. * @param string $email The email to validate.
  451. * @param array $arrayOfTLDs The array of the TLDs to validate
  452. *
  453. * @access public
  454. *
  455. * @return true or false (Depending on if it validates or if it does not)
  456. */
  457. function executeFullEmailValidation($email, $arrayOfTLDs)
  458. {
  459. $emailEnding = explode('.', $email);
  460. $emailEnding = $emailEnding[count($emailEnding)-1];
  461. foreach ($arrayOfTLDs as $validator => $keys) {
  462. if (in_array($emailEnding, $keys)) {
  463. return true;
  464. }
  465. }
  466. return false;
  467. }
  468. /**
  469. * Validate an email
  470. *
  471. * @param string $email email to validate
  472. * @param mixed boolean (BC) $check_domain Check or not if the domain exists
  473. * array $options associative array of options
  474. * 'check_domain' boolean Check or not if the domain exists
  475. * 'use_rfc822' boolean Apply the full RFC822 grammar
  476. *
  477. * Ex.
  478. * $options = array(
  479. * 'check_domain' => 'true',
  480. * 'fullTLDValidation' => 'true',
  481. * 'use_rfc822' => 'true',
  482. * 'VALIDATE_GTLD_EMAILS' => 'true',
  483. * 'VALIDATE_CCTLD_EMAILS' => 'true',
  484. * 'VALIDATE_ITLD_EMAILS' => 'true',
  485. * );
  486. *
  487. * @return boolean true if valid email, false if not
  488. *
  489. * @access public
  490. */
  491. function email($email, $options = null)
  492. {
  493. $check_domain = false;
  494. $use_rfc822 = false;
  495. if (is_bool($options)) {
  496. $check_domain = $options;
  497. } elseif (is_array($options)) {
  498. extract($options);
  499. }
  500. /**
  501. * Check for IDN usage so we can encode the domain as Punycode
  502. * before continuing.
  503. */
  504. $hasIDNA = false;
  505. if (Validate::_includePathFileExists('Net/IDNA.php')) {
  506. include_once('Net/IDNA.php');
  507. $hasIDNA = true;
  508. }
  509. if ($hasIDNA === true) {
  510. if (strpos($email, '@') !== false) {
  511. $tmpEmail = explode('@', $email);
  512. $domain = array_pop($tmpEmail);
  513. // Check if the domain contains characters > 127 which means
  514. // it's an idn domain name.
  515. $chars = count_chars($domain, 1);
  516. if (!empty($chars) && max(array_keys($chars)) > 127) {
  517. $idna =& Net_IDNA::singleton();
  518. $domain = $idna->encode($domain);
  519. }
  520. array_push($tmpEmail, $domain);
  521. $email = implode('@', $tmpEmail);
  522. }
  523. }
  524. /**
  525. * @todo Fix bug here.. even if it passes this, it won't be passing
  526. * The regular expression below
  527. */
  528. if (isset($fullTLDValidation)) {
  529. //$valid = Validate::_fullTLDValidation($email, $fullTLDValidation);
  530. $valid = Validate::_fullTLDValidation($email, $options);
  531. if (!$valid) {
  532. return false;
  533. }
  534. }
  535. // the base regexp for address
  536. $regex = '&^(?: # recipient:
  537. ("\s*(?:[^"\f\n\r\t\v\b\s]+\s*)+")| #1 quoted name
  538. ([-\w!\#\$%\&\'*+~/^`|{}]+(?:\.[-\w!\#\$%\&\'*+~/^`|{}]+)*)) #2 OR dot-atom
  539. @(((\[)? #3 domain, 4 as IPv4, 5 optionally bracketed
  540. (?:(?:(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:[0-1]?[0-9]?[0-9]))\.){3}
  541. (?:(?:25[0-5])|(?:2[0-4][0-9])|(?:[0-1]?[0-9]?[0-9]))))(?(5)\])|
  542. ((?:[a-z0-9](?:[-a-z0-9]*[a-z0-9])?\.)*[a-z0-9](?:[-a-z0-9]*[a-z0-9])?) #6 domain as hostname
  543. \.((?:([^- ])[-a-z]*[-a-z]))) #7 TLD
  544. $&xi';
  545. //checks if exists the domain (MX or A)
  546. if ($use_rfc822? Validate::__emailRFC822($email, $options) :
  547. preg_match($regex, $email)) {
  548. if ($check_domain && function_exists('checkdnsrr')) {
  549. $domain = preg_replace('/[^-a-z.0-9]/i', '', array_pop(explode('@', $email)));
  550. if (checkdnsrr($domain, 'MX') || checkdnsrr($domain, 'A')) {
  551. return true;
  552. }
  553. return false;
  554. }
  555. return true;
  556. }
  557. return false;
  558. }
  559. /**
  560. * Validate a string using the given format 'format'
  561. *
  562. * @param string $string String to validate
  563. * @param array $options Options array where:
  564. * 'format' is the format of the string
  565. * Ex:VALIDATE_NUM . VALIDATE_ALPHA (see constants)
  566. * 'min_length' minimum length
  567. * 'max_length' maximum length
  568. *
  569. * @return boolean true if valid string, false if not
  570. *
  571. * @access public
  572. */
  573. function string($string, $options)
  574. {
  575. $format = null;
  576. $min_length = 0;
  577. $max_length = 0;
  578. if (is_array($options)) {
  579. extract($options);
  580. }
  581. if ($format && !preg_match("|^[$format]*\$|s", $string)) {
  582. return false;
  583. }
  584. if ($min_length && strlen($string) < $min_length) {
  585. return false;
  586. }
  587. if ($max_length && strlen($string) > $max_length) {
  588. return false;
  589. }
  590. return true;
  591. }
  592. /**
  593. * Validate an URI (RFC2396)
  594. * This function will validate 'foobarstring' by default, to get it to validate
  595. * only http, https, ftp and such you have to pass it in the allowed_schemes
  596. * option, like this:
  597. * <code>
  598. * $options = array('allowed_schemes' => array('http', 'https', 'ftp'))
  599. * var_dump(Validate::uri('http://www.example.org', $options));
  600. * </code>
  601. *
  602. * NOTE 1: The rfc2396 normally allows middle '-' in the top domain
  603. * e.g. http://example.co-m should be valid
  604. * However, as '-' is not used in any known TLD, it is invalid
  605. * NOTE 2: As double shlashes // are allowed in the path part, only full URIs
  606. * including an authority can be valid, no relative URIs
  607. * the // are mandatory (optionally preceeded by the 'sheme:' )
  608. * NOTE 3: the full complience to rfc2396 is not achieved by default
  609. * the characters ';/?:@$,' will not be accepted in the query part
  610. * if not urlencoded, refer to the option "strict'"
  611. *
  612. * @param string $url URI to validate
  613. * @param array $options Options used by the validation method.
  614. * key => type
  615. * 'domain_check' => boolean
  616. * Whether to check the DNS entry or not
  617. * 'allowed_schemes' => array, list of protocols
  618. * List of allowed schemes ('http',
  619. * 'ssh+svn', 'mms')
  620. * 'strict' => string the refused chars
  621. * in query and fragment parts
  622. * default: ';/?:@$,'
  623. * empty: accept all rfc2396 foreseen chars
  624. *
  625. * @return boolean true if valid uri, false if not
  626. *
  627. * @access public
  628. */
  629. function uri($url, $options = null)
  630. {
  631. $strict = ';/?:@$,';
  632. $domain_check = false;
  633. $allowed_schemes = null;
  634. if (is_array($options)) {
  635. extract($options);
  636. }
  637. if (is_array($allowed_schemes) &&
  638. in_array("tag", $allowed_schemes)
  639. ) {
  640. if (strpos($url, "tag:") === 0) {
  641. return self::__uriRFC4151($url);
  642. }
  643. }
  644. if (preg_match(
  645. '&^(?:([a-z][-+.a-z0-9]*):)? # 1. scheme
  646. (?:// # authority start
  647. (?:((?:%[0-9a-f]{2}|[-a-z0-9_.!~*\'();:\&=+$,])*)@)? # 2. authority-userinfo
  648. (?:((?:[a-z0-9](?:[-a-z0-9]*[a-z0-9])?\.)*[a-z](?:[a-z0-9]+)?\.?) # 3. authority-hostname OR
  649. |([0-9]{1,3}(?:\.[0-9]{1,3}){3})) # 4. authority-ipv4
  650. (?::([0-9]*))?) # 5. authority-port
  651. ((?:/(?:%[0-9a-f]{2}|[-a-z0-9_.!~*\'():@\&=+$,;])*)*/?)? # 6. path
  652. (?:\?([^#]*))? # 7. query
  653. (?:\#((?:%[0-9a-f]{2}|[-a-z0-9_.!~*\'();/?:@\&=+$,])*))? # 8. fragment
  654. $&xi', $url, $matches)) {
  655. $scheme = isset($matches[1]) ? $matches[1] : '';
  656. $authority = isset($matches[3]) ? $matches[3] : '' ;
  657. if (is_array($allowed_schemes) &&
  658. !in_array($scheme, $allowed_schemes)
  659. ) {
  660. return false;
  661. }
  662. if (!empty($matches[4])) {
  663. $parts = explode('.', $matches[4]);
  664. foreach ($parts as $part) {
  665. if ($part > 255) {
  666. return false;
  667. }
  668. }
  669. } elseif ($domain_check && function_exists('checkdnsrr')) {
  670. if (!checkdnsrr($authority, 'A')) {
  671. return false;
  672. }
  673. }
  674. if ($strict) {
  675. $strict = '#[' . preg_quote($strict, '#') . ']#';
  676. if ((!empty($matches[7]) && preg_match($strict, $matches[7]))
  677. || (!empty($matches[8]) && preg_match($strict, $matches[8]))) {
  678. return false;
  679. }
  680. }
  681. return true;
  682. }
  683. return false;
  684. }
  685. /**
  686. * Validate date and times. Note that this method need the Date_Calc class
  687. *
  688. * @param string $date Date to validate
  689. * @param array $options array options where :
  690. * 'format' The format of the date (%d-%m-%Y)
  691. * or rfc822_compliant
  692. * 'min' The date has to be greater
  693. * than this array($day, $month, $year)
  694. * or PEAR::Date object
  695. * 'max' The date has to be smaller than
  696. * this array($day, $month, $year)
  697. * or PEAR::Date object
  698. *
  699. * @return boolean true if valid date/time, false if not
  700. *
  701. * @access public
  702. */
  703. function date($date, $options)
  704. {
  705. $max = false;
  706. $min = false;
  707. $format = '';
  708. if (is_array($options)) {
  709. extract($options);
  710. }
  711. if (strtolower($format) == 'rfc822_compliant') {
  712. $preg = '&^(?:(Mon|Tue|Wed|Thu|Fri|Sat|Sun),) \s+
  713. (?:(\d{2})?) \s+
  714. (?:(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)?) \s+
  715. (?:(\d{2}(\d{2})?)?) \s+
  716. (?:(\d{2}?)):(?:(\d{2}?))(:(?:(\d{2}?)))? \s+
  717. (?:[+-]\d{4}|UT|GMT|EST|EDT|CST|CDT|MST|MDT|PST|PDT|[A-IK-Za-ik-z])$&xi';
  718. if (!preg_match($preg, $date, $matches)) {
  719. return false;
  720. }
  721. $year = (int)$matches[4];
  722. $months = array('Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun',
  723. 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec');
  724. $month = array_keys($months, $matches[3]);
  725. $month = (int)$month[0]+1;
  726. $day = (int)$matches[2];
  727. $weekday = $matches[1];
  728. $hour = (int)$matches[6];
  729. $minute = (int)$matches[7];
  730. isset($matches[9]) ? $second = (int)$matches[9] : $second = 0;
  731. if ((strlen($year) != 4) ||
  732. ($day > 31 || $day < 1)||
  733. ($hour > 23) ||
  734. ($minute > 59) ||
  735. ($second > 59)) {
  736. return false;
  737. }
  738. } else {
  739. $date_len = strlen($format);
  740. for ($i = 0; $i < $date_len; $i++) {
  741. $c = $format{$i};
  742. if ($c == '%') {
  743. $next = $format{$i + 1};
  744. switch ($next) {
  745. case 'j':
  746. case 'd':
  747. if ($next == 'j') {
  748. $day = (int)Validate::_substr($date, 1, 2);
  749. } else {
  750. $day = (int)Validate::_substr($date, 0, 2);
  751. }
  752. if ($day < 1 || $day > 31) {
  753. return false;
  754. }
  755. break;
  756. case 'm':
  757. case 'n':
  758. if ($next == 'm') {
  759. $month = (int)Validate::_substr($date, 0, 2);
  760. } else {
  761. $month = (int)Validate::_substr($date, 1, 2);
  762. }
  763. if ($month < 1 || $month > 12) {
  764. return false;
  765. }
  766. break;
  767. case 'Y':
  768. case 'y':
  769. if ($next == 'Y') {
  770. $year = Validate::_substr($date, 4);
  771. $year = (int)$year?$year:'';
  772. } else {
  773. $year = (int)(substr(date('Y'), 0, 2) .
  774. Validate::_substr($date, 2));
  775. }
  776. if (strlen($year) != 4 || $year < 0 || $year > 9999) {
  777. return false;
  778. }
  779. break;
  780. case 'g':
  781. case 'h':
  782. if ($next == 'g') {
  783. $hour = Validate::_substr($date, 1, 2);
  784. } else {
  785. $hour = Validate::_substr($date, 2);
  786. }
  787. if (!preg_match('/^\d+$/', $hour) || $hour < 0 || $hour > 12) {
  788. return false;
  789. }
  790. break;
  791. case 'G':
  792. case 'H':
  793. if ($next == 'G') {
  794. $hour = Validate::_substr($date, 1, 2);
  795. } else {
  796. $hour = Validate::_substr($date, 2);
  797. }
  798. if (!preg_match('/^\d+$/', $hour) || $hour < 0 || $hour > 24) {
  799. return false;
  800. }
  801. break;
  802. case 's':
  803. case 'i':
  804. $t = Validate::_substr($date, 2);
  805. if (!preg_match('/^\d+$/', $t) || $t < 0 || $t > 59) {
  806. return false;
  807. }
  808. break;
  809. default:
  810. trigger_error("Not supported char `$next' after % in offset " . ($i+2), E_USER_WARNING);
  811. }
  812. $i++;
  813. } else {
  814. //literal
  815. if (Validate::_substr($date, 1) != $c) {
  816. return false;
  817. }
  818. }
  819. }
  820. }
  821. // there is remaing data, we don't want it
  822. if (strlen($date) && (strtolower($format) != 'rfc822_compliant')) {
  823. return false;
  824. }
  825. if (isset($day) && isset($month) && isset($year)) {
  826. if (!checkdate($month, $day, $year)) {
  827. return false;
  828. }
  829. if (strtolower($format) == 'rfc822_compliant') {
  830. if ($weekday != date("D", mktime(0, 0, 0, $month, $day, $year))) {
  831. return false;
  832. }
  833. }
  834. if ($min) {
  835. include_once 'Date/Calc.php';
  836. if (is_a($min, 'Date') &&
  837. (Date_Calc::compareDates($day, $month, $year,
  838. $min->getDay(), $min->getMonth(), $min->getYear()) < 0)
  839. ) {
  840. return false;
  841. } elseif (is_array($min) &&
  842. (Date_Calc::compareDates($day, $month, $year,
  843. $min[0], $min[1], $min[2]) < 0)
  844. ) {
  845. return false;
  846. }
  847. }
  848. if ($max) {
  849. include_once 'Date/Calc.php';
  850. if (is_a($max, 'Date') &&
  851. (Date_Calc::compareDates($day, $month, $year,
  852. $max->getDay(), $max->getMonth(), $max->getYear()) > 0)
  853. ) {
  854. return false;
  855. } elseif (is_array($max) &&
  856. (Date_Calc::compareDates($day, $month, $year,
  857. $max[0], $max[1], $max[2]) > 0)
  858. ) {
  859. return false;
  860. }
  861. }
  862. }
  863. return true;
  864. }
  865. /**
  866. * Substr
  867. *
  868. * @param string &$date Date
  869. * @param string $num Length
  870. * @param string $opt Unknown
  871. *
  872. * @access private
  873. * @return string
  874. */
  875. function _substr(&$date, $num, $opt = false)
  876. {
  877. if ($opt && strlen($date) >= $opt && preg_match('/^[0-9]{'.$opt.'}/', $date, $m)) {
  878. $ret = $m[0];
  879. } else {
  880. $ret = substr($date, 0, $num);
  881. }
  882. $date = substr($date, strlen($ret));
  883. return $ret;
  884. }
  885. function _modf($val, $div)
  886. {
  887. if (function_exists('bcmod')) {
  888. return bcmod($val, $div);
  889. } elseif (function_exists('fmod')) {
  890. return fmod($val, $div);
  891. }
  892. $r = $val / $div;
  893. $i = intval($r);
  894. return intval($val - $i * $div + .1);
  895. }
  896. /**
  897. * Calculates sum of product of number digits with weights
  898. *
  899. * @param string $number number string
  900. * @param array $weights reference to array of weights
  901. *
  902. * @access protected
  903. *
  904. * @return int returns product of number digits with weights
  905. */
  906. function _multWeights($number, &$weights)
  907. {
  908. if (!is_array($weights)) {
  909. return -1;
  910. }
  911. $sum = 0;
  912. $count = min(count($weights), strlen($number));
  913. if ($count == 0) { // empty string or weights array
  914. return -1;
  915. }
  916. for ($i = 0; $i < $count; ++$i) {
  917. $sum += intval(substr($number, $i, 1)) * $weights[$i];
  918. }
  919. return $sum;
  920. }
  921. /**
  922. * Calculates control digit for a given number
  923. *
  924. * @param string $number number string
  925. * @param array $weights reference to array of weights
  926. * @param int $modulo (optionsl) number
  927. * @param int $subtract (optional) number
  928. * @param bool $allow_high (optional) true if function can return number higher than 10
  929. *
  930. * @access protected
  931. *
  932. * @return int -1 calculated control number is returned
  933. */
  934. function _getControlNumber($number, &$weights, $modulo = 10, $subtract = 0, $allow_high = false)
  935. {
  936. // calc sum
  937. $sum = Validate::_multWeights($number, $weights);
  938. if ($sum == -1) {
  939. return -1;
  940. }
  941. $mod = Validate::_modf($sum, $modulo); // calculate control digit
  942. if ($subtract > $mod && $mod > 0) {
  943. $mod = $subtract - $mod;
  944. }
  945. if ($allow_high === false) {
  946. $mod %= 10; // change 10 to zero
  947. }
  948. return $mod;
  949. }
  950. /**
  951. * Validates a number
  952. *
  953. * @param string $number number to validate
  954. * @param array $weights reference to array of weights
  955. * @param int $modulo (optional) number
  956. * @param int $subtract (optional) number
  957. *
  958. * @access protected
  959. *
  960. * @return bool true if valid, false if not
  961. */
  962. function _checkControlNumber($number, &$weights, $modulo = 10, $subtract = 0)
  963. {
  964. if (strlen($number) < count($weights)) {
  965. return false;
  966. }
  967. $target_digit = substr($number, count($weights), 1);
  968. $control_digit = Validate::_getControlNumber($number, $weights, $modulo, $subtract, $modulo > 10);
  969. if ($control_digit == -1) {
  970. return false;
  971. }
  972. if ($target_digit === 'X' && $control_digit == 10) {
  973. return true;
  974. }
  975. if ($control_digit != $target_digit) {
  976. return false;
  977. }
  978. return true;
  979. }
  980. /**
  981. * Bulk data validation for data introduced in the form of an
  982. * assoc array in the form $var_name => $value.
  983. * Can be used on any of Validate subpackages
  984. *
  985. * @param array $data Ex: array('name' => 'toto', 'email' => 'toto@thing.info');
  986. * @param array $val_type Contains the validation type and all parameters used in.
  987. * 'val_type' is not optional
  988. * others validations properties must have the same name as the function
  989. * parameters.
  990. * Ex: array('toto'=>array('type'=>'string','format'='toto@thing.info','min_length'=>5));
  991. * @param boolean $remove if set, the elements not listed in data will be removed
  992. *
  993. * @return array value name => true|false the value name comes from the data key
  994. *
  995. * @access public
  996. */
  997. function multiple(&$data, &$val_type, $remove = false)
  998. {
  999. $keys = array_keys($data);
  1000. $valid = array();
  1001. foreach ($keys as $var_name) {
  1002. if (!isset($val_type[$var_name])) {
  1003. if ($remove) {
  1004. unset($data[$var_name]);
  1005. }
  1006. continue;
  1007. }
  1008. $opt = $val_type[$var_name];
  1009. $methods = get_class_methods('Validate');
  1010. $val2check = $data[$var_name];
  1011. // core validation method
  1012. if (in_array(strtolower($opt['type']), $methods)) {
  1013. //$opt[$opt['type']] = $data[$var_name];
  1014. $method = $opt['type'];
  1015. unset($opt['type']);
  1016. if (sizeof($opt) == 1 && is_array(reset($opt))) {
  1017. $opt = array_pop($opt);
  1018. }
  1019. $valid[$var_name] = call_user_func(array('Validate', $method), $val2check, $opt);
  1020. /**
  1021. * external validation method in the form:
  1022. * "<class name><underscore><method name>"
  1023. * Ex: us_ssn will include class Validate/US.php and call method ssn()
  1024. */
  1025. } elseif (strpos($opt['type'], '_') !== false) {
  1026. $validateType = explode('_', $opt['type']);
  1027. $method = array_pop($validateType);
  1028. $class = implode('_', $validateType);
  1029. $classPath = str_replace('_', DIRECTORY_SEPARATOR, $class);
  1030. $class = 'Validate_' . $class;
  1031. if (Validate::_includePathFileExists("Validate/$classPath.php")) {
  1032. include_once "Validate/$classPath.php";
  1033. } else {
  1034. trigger_error("$class isn't installed or you may have some permission issues", E_USER_ERROR);
  1035. }
  1036. $ce = substr(phpversion(), 0, 1) > 4 ?
  1037. class_exists($class, false) : class_exists($class);
  1038. if (!$ce ||
  1039. !in_array($method, get_class_methods($class))
  1040. ) {
  1041. trigger_error("Invalid validation type $class::$method",
  1042. E_USER_WARNING);
  1043. continue;
  1044. }
  1045. unset($opt['type']);
  1046. if (sizeof($opt) == 1) {
  1047. $opt = array_pop($opt);
  1048. }
  1049. $valid[$var_name] = call_user_func(array($class, $method),
  1050. $data[$var_name], $opt);
  1051. } else {
  1052. trigger_error("Invalid validation type {$opt['type']}",
  1053. E_USER_WARNING);
  1054. }
  1055. }
  1056. return $valid;
  1057. }
  1058. /**
  1059. * Determine whether specified file exists along the include path.
  1060. *
  1061. * @param string $filename file to search for
  1062. *
  1063. * @access private
  1064. *
  1065. * @return bool true if file exists
  1066. */
  1067. function _includePathFileExists($filename)
  1068. {
  1069. $paths = explode(":", ini_get("include_path"));
  1070. $result = false;
  1071. while ((!($result)) && (list($key,$val) = each($paths))) {
  1072. $result = file_exists($val . "/" . $filename);
  1073. }
  1074. return $result;
  1075. }
  1076. }