meik
/
nzedb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5 Commits
1 Branch
0 Tags
16 MiB
 
 
 
 
 
 
Tree: e40066784a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e40066784a'
${ noResults }
nzedb/nZEDb_data/nZEDb/libraries/lithium/util/Validator.php

701 lines
30 KiB
Raw Blame History

<?php
/**
* li₃: the most RAD framework for PHP (http://li3.me)
*
* Copyright 2009, Union of RAD. All rights reserved. This source
* code is distributed under the terms of the BSD 3-Clause License.
* The full license text can be found in the LICENSE.txt file.
*/
namespace lithium\util;
use lithium\aop\Filters;
use lithium\util\Set;
use InvalidArgumentException;
/**
* The `Validator` class provides static access to commonly used data validation logic. These common
* routines cover HTML form input data such as phone and credit card numbers, dates and postal
* codes, but also include general checks for regular expressions and booleans and numericality.
*
* General data checking is done by using `Validator` statically. Rules can be specified as a
* parameter to the `rule()` method or accessed directly via the `is[RuleName]()` method name
* convention:
*
* ```
* use lithium\util\Validator;
*
* // The following are equivalent:
* Validator::rule('email', 'foo@example.com'); // true
* Validator::isEmail('foo-at-example.com'); // false
* ```
*
* Data can also be validated against multiple rules, each having their own associated error
* message. The rule structure is array-based and hierarchical based on rule names and
* messages. Responses match the keys present in the `$data` parameter of `check()` up with an array
* of rules which they violate.
*
* ``` embed:lithium\tests\cases\util\ValidatorTest::testCheckMultipleHasFirstError(1-15) ```
*
* See the `check()` method for more information an multi-value datasets. Custom validation rules
* can also be added to `Validator` at runtime. These can either take the form of regular expression
* strings or functions supplied to the `add()` method.
*
* ### Rules
*
* The `Validator` class includes a series of commonly-used rules by default, any of which may be
* used in calls to `rule()` or `check()`, or called directly as a method. Additionally, many rules
* have a variety of different _formats_ in which they may be specified. The following is the list
* of the built-in rules, but keep in mind that none of them are hard-coded. Any rule may be
* overridden by adding a new rule of the same name using the `add()` method.
*
* - `notEmpty`: Checks that a string contains at least one non-whitespace character.
*
* - `alphaNumeric`: Checks that a string contains only integer or letters.
*
* - `lengthBetween`: Checks that a string length is within a specified range. Spaces are included
* in the character count. The available options are `'min'` and `'max'`, which designate the
* minimum and maximum length of the string.
*
* - `blank`: Checks that a field is left blank **OR** only whitespace characters are present in its
* value. Whitespace characters include spaces, tabs, carriage returns and newlines.
*
* - `creditCard`: Checks that a value is a valid credit card number. This rule is divided into a
* series of formats: `'amex'`, `'bankcard'`, `'diners'`, `'disc'`, `'electron'`, `'enroute'`,
* `'jcb'`, `'maestro'`, `'mc'`, `'solo'`, `'switch'`, `'visa'`, `'voyager'`, `'fast'`. If no
* format value is specified, the value defaults to `'any'`, which will validate the value if
* _any_ of the available formats match. You can also use the `'fast'` format, which does a
* high-speed, low-fidelity check to ensure that the value looks like a real credit card number.
* This rule includes one option, `'deep'`, which (if set to `true`) validates the value using the
* [Luhn algorithm](http://en.wikipedia.org/wiki/Luhn_algorithm) if the format validation is
* successful. See the `luhn` validator below for more details.
*
* - `date`: Checks that a value is a valid date that complies with one or more formats. Also
* validates leap years. Possible formats are `'dmy'` (27-12-2010 or 27-12-10 separators can be a
* space, period, dash, forward slash), `'mdy'` (12-27-2010 or 12-27-10 separators can be a space,
* period, dash, forward slash), `'ymd'` (2010-12-27 or 10-12-27 separators can be a space,
* period, dash, forward slash), `'dMy'` (27 December 2010 or 27 Dec 2010), `'Mdy'` (December 27,
* 2010 or Dec 27, 2010 comma is optional), `'My'` (December 2010 or Dec 2010) or `'my'` (12/2010
* separators can be a space, period, dash, forward slash).
*
* - `time`: Checks that a value is a valid time. Validates time as 24hr (HH:MM) or am/pm
* ([ H]H:MM[a|p]m). Does not allow / validate seconds.
*
* - `boolean`: Checks that the value is or looks like a boolean value. The following types of
* values are interpreted as boolean and will pass the check.
* - boolean (`true`, `false`, `'true'`, `'false'`)
* - boolean number (`1`, `0`, `'1'`, `'0'`)
* - boolean text string (`'on'`, `'off'`, `'yes'`, `'no'`)
*
* - `decimal`: Checks that a value is a valid decimal. Takes one option, `'precision'`, which is
* an optional integer value defining the level of precision the decimal number must match.
*
* - `email`: Checks that a value is (probably) a valid email address. The subject of validating
* an actual email address is complicated and problematic. A regular expression that correctly
* validates addresses against [RFC 5322](http://tools.ietf.org/html/rfc5322) would be several
* pages long, with the drawback of being unable to keep up as new top-level domains are added.
* Instead, this validator uses PHP's internal input filtering API to check the format, and
* provides an option, `'deep'` ( _boolean_) which, if set to `true`, will validate that the email
* address' domain contains a valid MX record. Keep in mind, this is just one of the many ways to
* validate an email address in the overall context of an application. For other ideas or
* examples, [ask Sean](http://seancoates.com/).
*
* - `ip`: Validates a string as a valid IPv4 or IPv6 address.
*
* - `money`: Checks that a value is a valid monetary amount. This rule has two formats, `'right'`
* and `'left'`, which indicates which side the monetary symbol (i.e. $) appears on.
*
* - `numeric`: Checks that a value is numeric.
*
* - `phone`: Check that a value is a valid phone number, non-locale-specific phone number.
*
* - `postalCode`: Checks that a given value is a valid US postal code.
*
* - `inRange`: Checks that a numeric value is within a specified range. This value has two options,
* `'upper'` and `'lower'`, which specify the boundary of the value.
*
* - `url`: Checks that a value is a valid URL according to
* [RFC 2395](http://www.faqs.org/rfcs/rfc2396.html). Uses PHP's filter API, and accepts any
* options accepted for
* [the validation URL filter](http://php.net/filter.filters.validate.php).
*
* - `luhn`: Checks that a value is a valid credit card number according to the
* [Luhn algorithm](http://en.wikipedia.org/wiki/Luhn_algorithm). (See also: the `creditCard`
* validator).
*
* - `inList`: Checks that a value is in a pre-defined list of values. This validator accepts one
* option, `'list'`, which is an array containing acceptable values.
*
* - `regex`: Checks that a value appears to be a valid regular expression, possibly
* containing PCRE-compatible options flags.
*
* - `uuid`: Checks that a value is a valid UUID.
*
* ### UTF-8 encoded input strings
*
* All rules operating on strings have been created with the possibility of
* UTF-8 encoded input in mind. A default PHP binary and an enabled Lithium
* g11n bootstrap will make these rules work correctly in any case. Should you
* ever experience odd behavior following paragraph with implementation
* details might help you to track down the cause.
*
* The rules `alphaNumeric` and `money` rely on additional functionality of
* PCRE to validate UTF-8 encoded strings. As no PCRE feature detection is
* done, having this feature enabled in PCRE isn't optional. Please ensure
* you've got PCRE compiled with UTF-8 support.
*/
class Validator extends \lithium\core\StaticObjectDeprecated {
/**
* An array of validation rules. May contain a single regular expression, an array of regular
* expressions (where the array keys define various possible 'formats' of the same rule), or a
* closure which accepts a value to be validated, and an array of options, and returns a
* boolean value, indicating whether the validation succeeded or failed.
*
* @var array
* @see lithium\util\Validator::add()
* @see lithium\util\Validator::rule()
*/
protected static $_rules = [];
/**
* Default options used when defining a new validator rule. Each key contains method-specific
* options that should always be applied, or options that should be applied to all rules in the
* `'defaults'` key.
*
* @see lithium\util\Validator::add()
* @see lithium\util\Validator::rule()
* @var array
*/
protected static $_options = [
'defaults' => ['contains' => true]
];
/**
* Initializes the list of default validation rules.
*/
public static function reset() {
$alnum = '[A-Fa-f0-9]';
$class = get_called_class();
Filters::clear($class);
static::$_rules = [
'alphaNumeric' => '/^[\p{Ll}\p{Lm}\p{Lo}\p{Lt}\p{Lu}\p{Nd}]+$/mu',
'blank' => '/[^\\s]/',
'creditCard' => [
'amex' => '/^3[4|7]\\d{13}$/',
'bankcard' => '/^56(10\\d\\d|022[1-5])\\d{10}$/',
'diners' => '/^(?:3(0[0-5]|[68]\\d)\\d{11})|(?:5[1-5]\\d{14})$/',
'disc' => '/^(?:6011|650\\d)\\d{12}$/',
'electron' => '/^(?:417500|4917\\d{2}|4913\\d{2})\\d{10}$/',
'enroute' => '/^2(?:014|149)\\d{11}$/',
'jcb' => '/^(3\\d{4}|2100|1800)\\d{11}$/',
'maestro' => '/^(?:5020|6\\d{3})\\d{12}$/',
'mc' => '/^(?:5[1-5]|2[2-7])\\d{14}$/',
'solo' => '/^(6334[5-9][0-9]|6767[0-9]{2})\\d{10}(\\d{2,3})?$/',
'switch' => '/^(?:49(03(0[2-9]|3[5-9])|11(0[1-2]|7[4-9]|8[1-2])|36[0-9]{2})' .
'\\d{10}(\\d{2,3})?)|(?:564182\\d{10}(\\d{2,3})?)|(6(3(33[0-4]' .
'[0-9])|759[0-9]{2})\\d{10}(\\d{2,3})?)$/',
'visa' => '/^4\\d{12}(\\d{3})?$/',
'voyager' => '/^8699[0-9]{11}$/',
'fast' => '/^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6011[0-9]{12}|3' .
'(?:0[0-5]|[68][0-9])[0-9]{11}|3[47][0-9]{13})$/'
],
'date' => [
'dmy' => '%^(?:(?:31(\\/|-|\\.|\\x20)(?:0?[13578]|1[02]))\\1|(?:(?:29|30)' .
'(\\/|-|\\.|\\x20)(?:0?[1,3-9]|1[0-2])\\2))(?:(?:1[6-9]|[2-9]\\d)?' .
'\\d{2})$|^(?:29(\\/|-|\\.|\\x20)0?2\\3(?:(?:(?:1[6-9]|[2-9]\\d)?' .
'(?:0[48]|[2468][048]|[13579][26])|(?:(?:16|[2468][048]|[3579][26])' .
'00))))$|^(?:0?[1-9]|1\\d|2[0-8])(\\/|-|\\.|\\x20)(?:(?:0?[1-9])|' .
'(?:1[0-2]))\\4(?:(?:1[6-9]|[2-9]\\d)?\\d{2})$%',
'mdy' => '%^(?:(?:(?:0?[13578]|1[02])(\\/|-|\\.|\\x20)31)\\1|(?:(?:0?[13-9]|' .
'1[0-2])(\\/|-|\\.|\\x20)(?:29|30)\\2))(?:(?:1[6-9]|[2-9]\\d)?\\d' .
'{2})$|^(?:0?2(\\/|-|\\.|\\x20)29\\3(?:(?:(?:1[6-9]|[2-9]\\d)?' .
'(?:0[48]|[2468][048]|[13579][26])|(?:(?:16|[2468][048]|[3579][26])' .
'00))))$|^(?:(?:0?[1-9])|(?:1[0-2]))(\\/|-|\\.|\\x20)(?:0?[1-9]|1' .
'\\d|2[0-8])\\4(?:(?:1[6-9]|[2-9]\\d)?\\d{2})$%',
'ymd' => '%^(?:(?:(?:(?:(?:1[6-9]|[2-9]\\d)?(?:0[48]|[2468][048]|[13579]' .
'[26])|(?:(?:16|[2468][048]|[3579][26])00)))(\\/|-|\\.|\\x20)' .
'(?:0?2\\1(?:29)))|(?:(?:(?:1[6-9]|[2-9]\\d)?\\d{2})(\\/|-|\\.|' .
'\\x20)(?:(?:(?:0?[13578]|1[02])\\2(?:31))|(?:(?:0?[1,3-9]|1[0-2])' .
'\\2(29|30))|(?:(?:0?[1-9])|(?:1[0-2]))\\2(?:0?[1-9]|1\\d|2[0-8]' .
'))))$%',
'dMy' => '/^((31(?!\\ (Feb(ruary)?|Apr(il)?|June?|(Sep(?=\\b|t)t?|Nov)' .
'(ember)?)))|((30|29)(?!\\ Feb(ruary)?))|(29(?=\\ Feb(ruary)?\\ ' .
'(((1[6-9]|[2-9]\\d)(0[48]|[2468][048]|[13579][26])|((16|[2468]' .
'[048]|[3579][26])00)))))|(0?[1-9])|1\\d|2[0-8])\\ (Jan(uary)?|' .
'Feb(ruary)?|Ma(r(ch)?|y)|Apr(il)?|Ju((ly?)|(ne?))|Aug(ust)?|' .
'Oct(ober)?|(Sep(?=\\b|t)t?|Nov|Dec)(ember)?)\\ ((1[6-9]|[2-9]' .
'\\d)\\d{2})$/',
'Mdy' => '/^(?:(((Jan(uary)?|Ma(r(ch)?|y)|Jul(y)?|Aug(ust)?|Oct(ober)?' .
'|Dec(ember)?)\\ 31)|((Jan(uary)?|Ma(r(ch)?|y)|Apr(il)?|Ju((ly?)' .
'|(ne?))|Aug(ust)?|Oct(ober)?|(Sept|Nov|Dec)(ember)?)\\ (0?[1-9]' .
'|([12]\\d)|30))|(Feb(ruary)?\\ (0?[1-9]|1\\d|2[0-8]|(29(?=,?\\ ' .
'((1[6-9]|[2-9]\\d)(0[48]|[2468][048]|[13579][26])|((16|[2468]' .
'[048]|[3579][26])00)))))))\\,?\\ ((1[6-9]|[2-9]\\d)\\d{2}))$/',
'My' => '%^(Jan(uary)?|Feb(ruary)?|Ma(r(ch)?|y)|Apr(il)?|Ju((ly?)|(ne?))|' .
'Aug(ust)?|Oct(ober)?|(Sep(?=\\b|t)t?|Nov|Dec)(ember)?)\\ ((1[6-9]' .
'|[2-9]\\d)\\d{2})$%',
'my' => '%^(0?[1-9]|1[012])([- /.])((1[6-9])|([2-9]\\d)\\d{2})$%'
],
'ip' => function($value, $format = null, array $options = []) {
$options += ['flags' => []];
return (boolean) filter_var($value, FILTER_VALIDATE_IP, $options);
},
'money' => [
'right' => '/^(?!0,?\d)(?:\d{1,3}(?:([, .])\d{3})?(?:\1\d{3})*|(?:\d+))' .
'((?!\1)[,.]\d{2})?(?<!\x{00a2})\p{Sc}?$/u',
'left' => '/^(?!\x{00a2})\p{Sc}?(?!0,?\d)(?:\d{1,3}(?:([, .])\d{3})?' .
'(?:\1\d{3})*|(?:\d+))((?!\1)[,.]\d{2})?$/u'
],
'notEmpty' => '/[^\s]+/m',
'phone' => '/^\+?[0-9\(\)\-]{10,20}$/',
'postalCode' => '/(^|\A\b)[A-Z0-9\s\-]{5,}($|\b\z)/i',
'regex' => '/^(?:([^[:alpha:]\\\\{<\[\(])(.+)(?:\1))|(?:{(.+)})|(?:<(.+)>)|' .
'(?:\[(.+)\])|(?:\((.+)\))[gimsxu]*$/',
'time' => '%^((0?[1-9]|1[012])(:[0-5]\d){0,2}([AP]M|[ap]m))$|^([01]\d|2[0-3])' .
'(:[0-5]\d){0,2}$%',
'boolean' => function($value) {
$bool = is_bool($value);
$filter = filter_var($value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
return ($bool || $filter !== null || empty($value));
},
'decimal' => function($value, $format = null, array $options = []) {
if (isset($options['precision'])) {
$precision = strlen($value) - strrpos($value, '.') - 1;
if ($precision !== (int) $options['precision']) {
return false;
}
}
return (filter_var($value, FILTER_VALIDATE_FLOAT, FILTER_NULL_ON_FAILURE) !== null);
},
'inList' => function($value, $format, $options) {
$options += ['list' => []];
$strict = is_bool($value) || $value === '';
return in_array($value, $options['list'], $strict);
},
'lengthBetween' => function($value, $format, $options) {
$length = strlen($value);
$options += ['min' => 1, 'max' => 255];
return ($length >= $options['min'] && $length <= $options['max']);
},
'luhn' => function($value) {
if (empty($value) || !is_string($value)) {
return false;
}
$sum = 0;
$length = strlen($value);
for ($position = 1 - ($length % 2); $position < $length; $position += 2) {
$sum += $value[$position];
}
for ($position = ($length % 2); $position < $length; $position += 2) {
$number = $value[$position] * 2;
$sum += ($number < 10) ? $number : $number - 9;
}
return ($sum % 10 === 0);
},
'numeric' => function($value) {
return is_numeric($value);
},
'inRange' => function($value, $format, $options) {
$defaults = ['upper' => null, 'lower' => null];
$options += $defaults;
if (!is_numeric($value)) {
return false;
}
switch (true) {
case ($options['upper'] !== null && $options['lower'] !== null):
return ($value >= $options['lower'] && $value <= $options['upper']);
case ($options['upper'] !== null):
return ($value <= $options['upper']);
case ($options['lower'] !== null):
return ($value >= $options['lower']);
}
return is_finite($value);
},
'uuid' => "/^{$alnum}{8}-{$alnum}{4}-{$alnum}{4}-{$alnum}{4}-{$alnum}{12}$/",
'email' => function($value) {
return filter_var($value, FILTER_VALIDATE_EMAIL);
},
'url' => function($value, $format = null, array $options = []) {
$options += ['flags' => []];
return (boolean) filter_var($value, FILTER_VALIDATE_URL, $options);
}
];
$isEmpty = function($params, $next) {
extract($params);
return (empty($value) && $value !== '0') ? false : $next($params);
};
Filters::apply($class, 'alphaNumeric', $isEmpty);
Filters::apply($class, 'notEmpty', $isEmpty);
Filters::apply($class, 'creditCard', function($params, $next) {
extract($params);
$options += ['deep' => false];
if (strlen($value = str_replace(['-', ' '], '', $value)) < 13) {
return false;
}
$params['value'] = $value;
if (!$next($params)) {
return false;
}
return $options['deep'] ? Validator::isLuhn($value) : true;
});
Filters::apply($class, 'email', function($params, $next) {
extract($params);
$defaults = ['deep' => false];
$options += $defaults;
if (!$next($params)) {
return false;
}
if (!$options['deep']) {
return true;
}
list($prefix, $host) = explode('@', $params['value']);
$mxhosts = [];
if (getmxrr($host, $mxhosts)) {
return is_array($mxhosts);
}
return false;
});
}
/**
* Maps method calls to validation rule names. For example, a validation rule that would
* normally be called as `Validator::rule('email', 'foo@bar.com')` can also be called as
* `Validator::isEmail('foo@bar.com')`.
*
* @param string $method The name of the method called, i.e. `'isEmail'` or `'isCreditCard'`.
* @param array $args
* @return boolean
*/
public static function __callStatic($method, $args = []) {
if (!isset($args[0])) {
return false;
}
$args = array_filter($args) + [0 => $args[0], 1 => 'any', 2 => []];
$rule = preg_replace("/^is([A-Z][A-Za-z0-9]+)$/", '$1', $method);
$rule[0] = strtolower($rule[0]);
return static::rule($rule, $args[0], $args[1], $args[2]);
}
/**
* Checks whether a rule under given name exists and can be called using `is<Name>`
* syntax.
*
* @param string $rule Name of the rule.
* @return boolean `true` if the rule exists, `false` if not.
*/
public static function has($rule) {
if (!preg_match('/^(is)?([A-Za-z0-9]+)$/', $rule, $matches)) {
return false;
}
$matches[2][0] = strtolower($matches[2][0]);
return isset(static::$_rules[$matches[2]]);
}
/**
* Determines if a given method can be called.
*
* @deprecated
* @param string $method Name of the method.
* @param boolean $internal Provide `true` to perform check from inside the
* class/object. When `false` checks also for public visibility;
* defaults to `false`.
* @return boolean Returns `true` if the method can be called, `false` otherwise.
*/
public static function respondsTo($method, $internal = false) {
$message = '`' . __METHOD__ . '()` has been deprecated. ';
$message .= "Use `Validator::has()` or `is_callable([<class>, '<method>'])` instead.";
trigger_error($message, E_USER_DEPRECATED);
$rule = preg_replace("/^is([A-Z][A-Za-z0-9]+)$/", '$1', $method);
$rule[0] = strtolower($rule[0]);
return isset(static::$_rules[$rule]) || parent::respondsTo($method, $internal);
}
/**
* Checks a set of values against a specified rules list. This method may be used to validate
* any arbitrary array of data against a set of validation rules.
*
* @param array $values An array of key/value pairs, where the values are to be checked.
* @param array $rules An array of rules to check the values in `$values` against. Each key in
* `$rules` should match a key contained in `$values`, and each value should be a
* validation rule in one of the allowable formats. For example, if you are
* validating a data set containing a `'credit_card'` key, possible values for
* `$rules` would be as follows:
* - `array('credit_card' => 'You must include a credit card number')`: This is the
* simplest form of validation rule, in which the value is simply a message to
* display if the rule fails. Using this format, all other validation settings
* inherit from the defaults, including the validation rule itself, which only
* checks to see that the corresponding key in `$values` is present and contains
* a value that is not empty. _Please note when globalizing validation messages:_
* When specifying messages, it may be preferable to use a code string (i.e.
* `'ERR_NO_TITLE'`) instead of the full text of the validation error. These code
* strings may then be translated by the appropriate tools in the templating layer.
* - `array('credit_card' => ['creditCard', 'message' => 'Invalid CC #'])`:
* In the second format, the validation rule (in this case `creditCard`) and
* associated configuration are specified as an array, where the rule to use is
* the first value in the array (no key), and additional settings are specified
* as other keys in the array. Please see the list below for more information on
* allowed keys.
* - The final format allows you to apply multiple validation rules to a single
* value, and it is specified as follows:
* `array('credit_card' => [
* ['notEmpty', 'message' => 'You must include credit card number'],
* ['creditCard', 'message' => 'Your credit card number must be valid']
* ]);`
* @param array $options Validator-specific options.
* Each rule defined as an array can contain any of the following settings
* (in addition to the first value, which represents the rule to be used):
* - `'message'` _string_: The error message to be returned if the validation
* rule fails. See the note above regarding globalization of error messages.
* - `'required`' _boolean_: Represents whether the value is required to be
* present in `$values`. If `'required'` is set to `false`, the validation rule
* will be skipped if the corresponding key is not present. Defaults to `true`.
* - `'skipEmpty'` _boolean_: Similar to `'required'`, this setting (if `true`)
* will cause the validation rule to be skipped if the corresponding value
* is empty (an empty string or `null`). Defaults to `false`.
* - `'format'` _string_: If the validation rule has multiple format definitions
* (see the `add()` or `init()` methods), the name of the format to be used
* can be specified here. Additionally, two special values can be used:
* either `'any'`, which means that all formats will be checked and the rule
* will pass if any format passes, or `'all'`, which requires all formats to
* pass in order for the rule check to succeed.
* @return array Returns an array containing all validation failures for data in `$values`,
* where each key matches a key in `$values`, and each value is an array of
* that element's validation errors.
* @filter
*/
public static function check(array $values, array $rules, array $options = []) {
$defaults = [
'notEmpty',
'message' => null,
'required' => true,
'skipEmpty' => false,
'format' => 'any',
'on' => null,
'last' => false
];
$options += $defaults;
$params = compact('values', 'rules', 'options');
return Filters::run(get_called_class(), __FUNCTION__, $params, function($params) {
$values = $params['values'];
$rules = $params['rules'];
$options = $params['options'];
$errors = [];
$events = (array) (isset($options['events']) ? $options['events'] : null);
$values = array_merge($values, Set::flatten($values));
foreach ($rules as $field => $rules) {
$rules = is_string($rules) ? ['message' => $rules] : $rules;
$rules = is_array(current($rules)) ? $rules : [$rules];
$errors[$field] = [];
$options['field'] = $field;
foreach ($rules as $key => $rule) {
if (array_key_exists('required', $rule) && $rule['required'] === null) {
unset($rule['required']);
}
$rule += $options + compact('values');
list($name) = $rule;
if ($events && $rule['on'] && !array_intersect($events, (array) $rule['on'])) {
continue;
}
if (!array_key_exists($field, $values)) {
if ($rule['required']) {
$errors[$field][$key] = $rule['message'] ?: $key;
}
if ($rule['last']) {
break;
}
continue;
}
if (empty($values[$field]) && $rule['skipEmpty']) {
continue;
}
if (!static::rule($name, $values[$field], $rule['format'], $rule + $options)) {
$errors[$field][$key] = $rule['message'] ?: $key;
if ($rule['last']) {
break;
}
}
}
}
return array_filter($errors);
});
}
/**
* Adds to or replaces built-in validation rules specified in `Validator::$_rules`. Any new
* validation rules created are automatically callable as validation methods.
*
* For example:
* ```
* Validator::add('zeroToNine', '/^[0-9]$/');
* $isValid = Validator::isZeroToNine("5"); // true
* $isValid = Validator::isZeroToNine("20"); // false
* ```
*
* Alternatively, the first parameter may be an array of rules expressed as key/value pairs,
* as in the following:
* ```
* Validator::add([
* 'zeroToNine' => '/^[0-9]$/',
* 'tenToNineteen' => '/^1[0-9]$/',
* ]);
* ```
*
* In addition to regular expressions, validation rules can also be defined as full anonymous
* functions:
* ```
* use app\models\Account;
*
* Validator::add('accountActive', function($value) {
* $value = is_int($value) ? Account::find($value) : $value;
* return (boolean) $value->is_active;
* });
*
* $testAccount = Account::create(['is_active' => false]);
* Validator::isAccountActive($testAccount); // returns false
* ```
*
* These functions can take up to 3 parameters:
* - `$value` _mixed_: This is the actual value to be validated (as in the above example).
* - `$format` _string_: Often, validation rules come in multiple "formats", for example:
* postal codes, which vary by country or region. Defining multiple formats allows you to
* retain flexibility in how you validate data. In cases where a user's country of origin
* is known, the appropriate validation rule may be selected. In cases where it is not
* known, the value of `$format` may be `'any'`, which should pass if any format matches.
* In cases where validation rule formats are not mutually exclusive, the value may be
* `'all'`, in which case all must match.
* - `$options` _array_: This parameter allows a validation rule to implement custom
* options.
*
* @see lithium\util\Validator::$_rules
* @param mixed $name The name of the validation rule (string), or an array of key/value pairs
* of names and rules.
* @param string $rule If $name is a string, this should be a string regular expression, or a
* closure that returns a boolean indicating success. Should be left blank if
* `$name` is an array.
* @param array $options The default options for validating this rule. An option which applies
* to all regular expression rules is `'contains'` which, if set to true, allows
* validated values to simply _contain_ a match to a rule, rather than exactly
* matching it in whole.
*/
public static function add($name, $rule = null, array $options = []) {
if (!is_array($name)) {
$name = [$name => $rule];
}
static::$_rules = Set::merge(static::$_rules, $name);
if (!empty($options)) {
$options = array_combine(array_keys($name), array_fill(0, count($name), $options));
static::$_options = Set::merge(static::$_options, $options);
}
}
/**
* Checks a single value against a single validation rule in one or more formats.
*
* @param string $rule
* @param mixed $value
* @param string $format
* @param array $options
* @return boolean Returns `true` or `false` indicating whether the validation rule check
* succeeded or failed.
* @filter
*/
public static function rule($rule, $value, $format = 'any', array $options = []) {
if (!isset(static::$_rules[$rule])) {
throw new InvalidArgumentException("Rule `{$rule}` is not a validation rule.");
}
$defaults = isset(static::$_options[$rule]) ? static::$_options[$rule] : [];
$options = (array) $options + $defaults + static::$_options['defaults'];
$ruleCheck = static::$_rules[$rule];
$ruleCheck = is_array($ruleCheck) ? $ruleCheck : [$ruleCheck];
if (!$options['contains'] && !empty($ruleCheck)) {
foreach ($ruleCheck as $key => $item) {
$ruleCheck[$key] = is_string($item) ? "/^{$item}$/" : $item;
}
}
$params = compact('value', 'format', 'options');
return Filters::run(get_called_class(), $rule, $params, static::_checkFormats($ruleCheck));
}
/**
* Returns a list of available validation rules, or the configuration details of a single rule.
*
* @param string $name Optional name of a rule to get the details of. If not specified, an array
* of all available rule names is returned. Otherwise, returns the details of a
* single rule. This can be a regular expression string, a closure object, or an
* array of available rule formats made up of string regular expressions,
* closures, or both.
* @return mixed Returns either an single array of rule names, or the details of a single rule.
*/
public static function rules($name = null) {
if (!$name) {
return array_keys(static::$_rules);
}
return isset(static::$_rules[$name]) ? static::$_rules[$name] : null;
}
/**
* Perform validation checks against a value using an array of all possible formats for a rule,
* and an array specifying which formats within the rule to use.
*
* @param array $rules All available rules.
* @return \Closure Function returning boolean `true` if validation succeeded, `false` otherwise.
*/
protected static function _checkFormats($rules) {
return function($params) use ($rules) {
$value = $params['value'];
$format = $params['format'];
$options = $params['options'];
$defaults = ['all' => true];
$options += $defaults;
$formats = (array) $format;
$options['all'] = ($format === 'any');
foreach ($rules as $index => $check) {
if (!$options['all'] && !(in_array($index, $formats) || isset($formats[$index]))) {
continue;
}
$regexPassed = (is_string($check) && preg_match($check, $value));
$closurePassed = (is_object($check) && $check($value, $format, $options));
if ($regexPassed || $closurePassed) {
return true;
}
}
return false;
};
}
}
Validator::reset();
?>