PHP - Filter_var Custom Regex Not Working Wondering Why?
I'm having a lot of trouble validating things using custom regex. I'm trying to validate usernames without spaces using numbers and/or letters with optional underscores.
This is my code but it isn't validating anything, nothing is ever validated. Whatever I write it says the username isn't valid.

if(isset($_POST['submit'])){
    if(filter_var($_POST['value1'], FILTER_VALIDATE_REGEXP, array("options"=>array("regexp"=>"/^[\w.-]{{3},{28}}$/")))){
        echo "Value is a valid username.";
    } else {
        echo "Value is NOT a valid username.";
    }
}
?>

Any help regarding this issue will be greatly appreciated. Thanks!

Similar Tutorials

Commented in red is the code that doesn't produce anything. It is 3/4 of the way down the page.. Thanks for looking!

<?php
error_reporting(E_ALL);
ini_set("display_errors", 1);
$host= "";
$db_name= "";
$db_user= "";
$db_password= "";
ob_start();
if(isset($_POST['newBidder'])) {
    $newBidder= isset($_POST['newBidder']) ? $_POST['newBidder'] : '';
    $bidderId= $newBidder;
    mysql_connect("$host", "$db_user", "$db_password")or die("cannot connect to server");
    mysql_select_db("$db_name")or die("cannot select DB");
    $sql="SELECT * FROM bidders WHERE biddersId='$bidderId'";
    $result=mysql_query($sql);
    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);
    // If result matched $myusername and $mypassword, table row must be 1 row
    if($count==0){
        // Add $biddersId and redirect to anypage
        mysql_Query("INSERT INTO bidders (biddersId) VALUES ('$bidderId')");
        header("Location: index.php");
        exit();
    }
}
////////////////////////////////////
if(isset($_POST['deleteBidder'])) {
    $deleteBidder= isset($_POST['deleteBidder']) ? $_POST['deleteBidder'] : '';
    mysql_connect("$host", "$db_user", "$db_password")or die("cannot connect to server");
    mysql_select_db("$db_name")or die("cannot select DB");
    mysql_query("DELETE FROM bidders WHERE biddersId='$deleteBidder'");
    header("Location: index.php");
    exit();
}
////////////////////////////////////
if (isset($_POST['itemDescription'], $_POST['itemPrice'], $_POST['winningBidder'], $_POST['itemQty'])) {
    $itemDescription= isset($_POST['itemDescription']) ? $_POST['itemDescription'] : '';
    $itemPrice= isset($_POST['itemPrice']) ? $_POST['itemPrice'] : '';
    $winningBidder= isset($_POST['winningBidder']) ? $_POST['winningBidder'] : '';
    $itemQty= isset($_POST['itemQty']) ? $_POST['itemQty'] : '';
    mysql_connect("$host", "$db_user", "$db_password")or die("cannot connect to server");
    mysql_select_db("$db_name")or die("cannot select DB");
    $sql="SELECT * FROM bidders WHERE biddersId='$winningBidder'";
    $result=mysql_query($sql);
    $count=mysql_num_rows($result);
    // If result matched, table row must be 1 row
    if($count==0){
        echo "That Bidder Number is NOT logged in, ";
        echo "would you like to set this bidder as active?";
        echo " Enter 1 for NO or 2 for YES";
        echo "<form action= \"process.php\" method= \"POST\">";
        echo "<input type =\"text\" name= \"logUser\"/>";
        echo "<input type= \"submit\" value = \"Submit\"/>";
        exit();
    }
}
$logUser= isset($_POST['logUser']) ? $_POST['logUser'] : '';
if ($logUser= '1') {
    header("Location: inprogress.php");
    exit();
}
if ($logUser= '2'){
    // Add $biddersId and redirect to anypage
    mysql_connect("$host", "$db_user", "$db_password")or die("cannot connect to server");
    mysql_select_db("$db_name")or die("cannot select DB");
    mysql_Query("INSERT INTO bidders (biddersId) ////This won't add biddersid to database///////[ VALUES ('$winningBidder')");
    mysql_query("INSERT INTO transactions /////This won't add details to the database either?///// VALUES('$itemDescription', '$itemPrice','$winningBidder', '$itemQty', '$totalPrice')") or die(mysql_error());
    header("Location: inprogress.php");
    exit();
}
////////////////////////////////////////
echo "<font color= \"red\" face=\"calibri\" size=\"4\">That bidder is already logged, Please press your browsers back button and try again.</font>";
ob_end_flush();
?>

I have one database with 2 tables as follows: bidders table ONLY has biddersId field; transactions has (in order) itemDescription, itemPrice, bidderId, itemQty, totalPrice. Everything else works, except updating the database with the above? Am I doing something wrong in MySql. I have all errors on, but I get NONE when running the script?

I need a bit of help, so I am looking into a plugin created for newsletter where default is it shows ad but it has option to remove ads by checking the check box. Default is to send ads in newsletter but if you don't want to send ads through newsletter then check the box. The problem is, it seems like checkbox selected is not being picked up. Some help would be appreciated. The custom field in wp:
'label' => 'Hide newsletter ads', 'name' => 'hide_ads', 'type' => 'checkbox', 'instructions' => 'Checking the checkbox will remove ads', 'required' => 0, 'conditional_logic' => 0, 'wrapper' => array( 'width' => '', 'class' => '', 'id' => '', ), 'choices' => array( 'Hide newsletter ads' => 'Hide newsletter ads', ), 'allow_custom' => 0, 'default_value' => array( ), 'layout' => 'block', 'toggle' => 0, 'return_format' => 'value', 'save_custom' => 0, ),
This is the php code for it:

<!doctype html>
<html lang="en-GB">
<head>
    <meta name="viewport" content="width=device-width" />
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta name="x-apple-disable-message-reformatting">
    <title><?php the_title(); ?></title>
    <style>
        <?php require ABSPATH . 'path/newsletter.css'; ?>
    </style>
    <!--[if mso]>
    <style type="text/css">
        .outlook-fallback-font {
            font-family: 'Lucida Bright', 'Cambria', -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen-Sans, Ubuntu, Cantarell, "Helvetica Neue", sans-serif;
        }
    </style>
    <![endif]-->
</head>
<?php
$hide_newsletter_ads = get_field('hide_ads');
echo $hide_newsletter_ads;
?>
<body itemscope itemtype="http://schema.org/EmailMessage">
<div class="wrap">
    <?php if (!$hide_newsletter_ads) { include ABSPATH . 'path/ad-banner.php'; } ?>
    <div class="header">
        <a href="<?php bloginfo( 'url' ); ?>">
            <img src="<?php echo get_home_url().'logo.png' ?>" alt="News" />
        </a>
    </div>
    <?php if ( have_posts() ) : while ( have_posts() ) : the_post(); ?>
    <?php if ( get_field( 'newsletter_summary' ) ) { ?>
        <div class="newsletter-summary"><?php the_field( 'newsletter_summary' ); ?></div>
    <?php } ?>
    <?php if ( have_rows( 'newsletter_content' ) ) : ?>
    <?php
    // Loop through the ACF blocks
    $count = 0;
    while ( have_rows( 'newsletter_content' ) ) : the_row();
        if ( get_row_layout() === 'story' ) : ?>
            <?php if ( 0 === $count ) { ?>
                <span class="date outlook-fallback-font"><?php the_time( 'd M Y' ); ?></span>
            <?php } ?>
            <?php if ( get_sub_field( 'story_heading' ) ) : ?>
                <h1><?php the_sub_field( 'story_heading' ); ?></h1>
            <?php endif; ?>
            <div class="content">
                <?php the_sub_field( 'story_content' ); ?>
            </div>
        <?php endif;
        if ( 'post_list' === get_row_layout() ) : ?>
            <?php
            $posts = get_sub_field( 'post_list' );
            if ( $posts ) : ?>
</div>
<div class="story-list">
    <h2><span class="wrap"><?php the_sub_field( 'post_list_heading' ); ?></span></h2>
    <div class="wrap-table">
        <table width="100%" cellpadding="0" cellspacing="0" border="0">
            <?php
            // Output story cards
            foreach ( $posts as $i => $post ) {
                if ( 0 === $i % 2 ) { echo '<tr>'; }
                $class = ( 0 === $i % 2 ) ? 'odd' : 'even';
                $image_src = wp_get_attachment_image_src( get_post_thumbnail_id( $post->ID ), array( 640, 345 ) );
                $image_srcset = wp_get_attachment_image_srcset( get_post_thumbnail_id( $post->ID ) );
                echo sprintf(
                    '<td class="story-cell %4$s" valign="top"> <a href="%1$s" class="story-card outlook-fallback-font"> <img src="%3$s" alt="" height="120" style="height: 150px; object-fit: cover;" /> <span>%2$s</span> </a> </td>',
                    esc_url( get_permalink( $post->ID ) . '?utm_source=newsletter&utm_medium=email&utm_campaign=newsletter' ), // permalink
                    esc_html( get_the_title( $post->ID ) ), // title
                    // esc_attr( $image_src[0] ), // image - src
                    esc_attr( $image_src[0] ), // image - src
                    esc_attr( $class ) // class
                );
                if ( 0 !== $i % 2 || count( $posts ) === ( $i + 1 ) ) { echo '</tr>'; }
            }
            ?>
        </table>
    </div>
</div>
<div class="wrap">
            <?php endif;
        endif;
        if (!$hide_newsletter_ads) {
            if (0 === $count) { include ABSPATH . 'path/mpu-1.php'; }
            if (1 === $count) { include ABSPATH . 'path/mpu-2.php'; }
        }
        $count++;
    endwhile;
    endif; ?>
    <div class="footer">
        <table width="100%" cellpadding="0" cellspacing="0" border="0">
            <tr>
                <td align="left"> © <?php echo esc_html( date( 'Y' ) ); ?> </td>
                <td class="footer-link"> <a href="<?php echo get_permalink( get_page_by_path( 'privacy-policy' ) ); ?>">Privacy Policy</a> · <a href="%unsubscribe_url%">Unsubscribe</a> </td>
            </tr>
        </table>
    </div>
</div>
<?php endwhile; endif; ?>

Hey guys, I'm trying to match a certain string with possible matches like:
:action(activation-key|activation_key2|activation_key3) ...etc
:action(activation-key|activation_key2)
:action(activation-key)
(activation-key) ...etc
Unfortunately I'm not getting the results I'm after and am now scratching my head.
here is my code:
$text = ":action(activation-key|activation_key2|activation_key3)";
if (preg_match_all('/<parameter>(.*?)\((.*?)|(.*?)\||\|(.*?)\)$/', $text, $match)) {
    print_r($match);
}

my result:

Array
(
    [0] => Array
        (
            [0] => :action(activation-key|
            [1] => activation_key2|
        )
    [1] => Array
        (
            [0] =>
            [1] =>
        )
    [2] => Array
        (
            [0] =>
            [1] =>
        )
    [3] => Array
        (
            [0] => :action(activation-key
            [1] => activation_key2
        )
    [4] => Array
        (
            [0] =>
            [1] =>
        )
)

A result like this is what I'm after, if anyone could help please:

Array
(
    [0] => Array
        (
            ['parameter'] => :action
            [0] => activation_key1
            [1] => activation_key2
            [2] => activation_key3
        )
)

thank you guys

Edited by Destramic, 25 December 2014 - 06:34 PM.

Hi, What I want is relatively simple yet I seem to be massively overcomplicating it. I've never really had to use forums for help before but this is annoying me now lol. Basically, what I want is when someone orders 3 or more products that aren't, in this case, a canvas, they get 20% off the cheapest 3 products. But where things get complicated is that there is also a quantity field. So if someone orders say 1 item at 1.99 and then 3 at 2.99 I'd have to be able to get 1.99 + 2 lots of 2.99 and then work out the 20% on that. And obviously I don't know what they're going to order so it needs to be something dynamic and I've kinda written rules for several possibilities but I can't get it right.

Here's my code so far anyway:

$row3 = mysql_fetch_array(mysql_query("SELECT SUM(qty) FROM `ypc_cart` WHERE `sessid`='$sessid' AND `type`!='canvas' ORDER BY `price` ASC LIMIT 3"));
$price3 = mysql_fetch_array(mysql_query("SELECT SUM(price) FROM `ypc_cart` WHERE `sessid`='$sessid' AND `type`!='canvas' ORDER BY `price` ASC LIMIT 3"));
$row2 = mysql_fetch_array(mysql_query("SELECT SUM(qty) FROM `ypc_cart` WHERE `sessid`='$sessid' AND `type`!='canvas' ORDER BY `price` ASC LIMIT 2"));
$price2 = mysql_fetch_array(mysql_query("SELECT SUM(price) FROM `ypc_cart` WHERE `sessid`='$sessid' AND `type`!='canvas' ORDER BY `price` ASC LIMIT 2"));
$row1 = mysql_fetch_array(mysql_query("SELECT SUM(qty) FROM `ypc_cart` WHERE `sessid`='$sessid' AND `type`!='canvas' ORDER BY `price` ASC LIMIT 1"));
$price1 = mysql_fetch_array(mysql_query("SELECT SUM(price) FROM `ypc_cart` WHERE `sessid`='$sessid' AND `type`!='canvas' ORDER BY `price` ASC LIMIT 1"));
$totalqty3 = $row3['SUM(qty)'];
$totalnonec=mysql_num_rows(mysql_query("SELECT * FROM `ypc_cart` WHERE `sessid`='$sessid' AND `type`!='canvas'"));
/////IF QTY FROM 3 ITEMS IS MORE THAN 3 OR IS 3
if($totalqty3 > 3 && $totalnonec == 3){
    echo "3 > 3";
}elseif($totalqty3 == 3 && $totalnonec == 3){
    $otherdiscount = (($price3['SUM(price)'] + 0.03) * 3) * 0.2;
/////IF QTY FROM 2 ITEMS IS MORE THAN 3 OR IS 3
}elseif($row2['SUM(qty)'] > 3 && $totalnonec == 2){
    $otherdiscount = (($price2['SUM(price)'] + 0.03) * 3) * 0.2;
}elseif($row2['SUM(qty)'] == 3 && $totalnonec == 2){
    $otherdiscount = (($price2['SUM(price)'] + 0.03) * 3) * 0.2;
/////IF QTY FROM 1 ITEM IS 3 OR LESS
}elseif($row1['SUM(qty)'] > 2 && $totalnonec == 1){
    $otherdiscount = (($price1['SUM(price)'] + 0.03) * 3) * 0.2;
}else{
    $otherdiscount = 0.00;
}
$totaldiscount = $otherdiscount;

$otherdiscount = (($price3['SUM(price)'] + 0.03) * 3) * 0.2;

This is basically, get the price total, add 3p (as all prices end in .99 so it rounds it off) x 3 (as you get 20% off 3 items) then x 0.2 to get the 20% value. Probably worth starting over but I'd have no idea where to begin lol so any help with getting this code to work or posting some new code on where to start would be brilliant! Thanks in advance.

Created module like No other products add to cart if restricted product available in cart and vice versa.

My Module : app/etc/modules/Brst_Test.xml

<?xml version="1.0"?>
<config>
    <modules>
        <Brst_Test>
            <active>true</active>
            <codePool>community</codePool>
        </Brst_Test>
    </modules>
</config>

This is my observer file app/code/community/Brst/Test/Model/Observer.php

<?php
ini_set('display_errors', '1');
// Mage::log('Hy observer called', null, 'logfile.log');
class Brst_Test_Model_Observer
{
    //Put any event as per your requirement
    public function logCartAdd()
    {
        $product = Mage::getModel('catalog/product')
            ->load(Mage::app()->getRequest()->getParam('product', 0));
        $cart_qty = (int) Mage::getModel('checkout/cart')->getQuote()->getItemsQty();
        if ($product->getId()==31588 && cart_qty > 0) {
            Mage::throwException("You can not add This special Product, empty cart before add it");
        }
        // $quote = Mage::getSingleton('checkout/session')->getQuote();
        // if ($quote->hasProductId(2))
        //{
        // Mage::getSingleton("core/session")->addError("Cart has Special Product you can not add another");
        // return;
        // }
        $quote = Mage::getModel('checkout/cart')->getQuote();
        foreach ($quote->getAllItems() as $item) {
            $productId = $item->getProductId();
            if($productId==31588){
                Mage::throwException("Cart has Special Product you can not add another");
            }
        }
    }
}
?>

app/code/community/Brst/Test/etc/config.xml

<?xml version="1.0"?>
<config>
    <modules>
        <Brst_Test>
            <version>0.1.0</version>
        </Brst_Test>
    </modules>
    <global>
        <models>
            <brst_test>
                <class>Brst_Test_Model</class>
            </brst_test>
        </models>
    </global>
    <frontend>
        <events>
            <controller_action_predispatch_checkout_cart_add>
                <observers>
                    <brst_test_log_cart_add>
                        <class>brst_test/observer</class>
                        <method>logCartAdd</method>
                    </brst_test_log_cart_add>
                </observers>
            </controller_action_predispatch_checkout_cart_add>
        </events>
    </frontend>
</config>

Not working, how to solve the error?

What version of PHP does the function filter_var() come with?? How do I know if I have it installed on my web server? Thanks, Debbie

I have a problem w/ a widely used password protect php code. I use a business directory program that allows custom input fields. I'm using this code to password protect a business listing page in my directory code. I created custom fields for the username & password so a listing can enter their own user/pass but when I test it it won't work when I'm calling/echoing the fields. When I hardcode it w/ a user/pass it works. Any ideas on how I should recode this?:

<?php
// Define your username and password
$username = "<?php echo $custom_74; ?>";
$password = "<?php echo $custom_16; ?>";
if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {
?>
<h1>Login</h1>
<form name="form" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <p><label for="txtUsername">Username:</label> <br /><input type="text" title="Enter your Username" name="txtUsername" /></p>
    <p><label for="txtpassword">Password:</label> <br /><input type="password" title="Enter your password" name="txtPassword" /></p>
    <p><input type="submit" name="Submit" value="Login" /></p>
</form>
<?php
} else {
?>

I close the code correctly. <?php echo $custom_74; ?> & <?php echo $custom_16; ?> are just incidentally my custom field echo codes. I have over 150 custom fields working fine for user/listee options. The password protect code won't accept echos it seems as coded above. Thanks, Gene

Hello Guys ... I am new here and I am also new in PHP. I self-study HTML, CSS, JS and Bootstrap for the front-end, and for the back-end PHP & MySQL & PDO & OOP, and I will soon start MVC then Laravel. I am trying to secure my input field and I do not want any attacks or SQL injections. I see people use filter_var and htmlentities and htmlspecialchars and each one has a different opinion. Can someone help me and tell me what is the best for securing input, where all values will be stored in the database? Thanks <3
I wrote

<?php

Hi all, I created a page template at http://www.durgeshsound.com/gallery/ Here my pagination buttons are not working. This issue arises when permalink format is http://www.example.com/sample-post/ But when I set permalink format to default (www.example.com/?p=123) then it starts to work and creates a working pagination link like this http://www.durgeshso...e_id=81&paged=2. I want this format http://www.example.com/sample-post/ in the links. Please help.

I tried parsing through first https://www.jadaliyya.com/Details/28167/The-Empire-of-Sexuality-An-Interview-with-Joseph-Massad then even tried www.google.com and on both I get the following returned

post_url equals: www.google.compost_title equals: testpost_Threadybody equals: Enter your posts... URL equals: www.google.com www.google.com is not a valid URL Web page redirects after 2 seconds.

And here is the if statement that handles my filter for URLs

if(isset($_POST["submit"]) && !empty($_POST["url"]) && !empty($_POST["Title"])){
    $URL = $conn -> real_escape_string($_POST["url"]) ;
    $BodyText = $conn -> real_escape_string(nl2br($_POST["ThreadBody"])) ;
    echo "<P>URL equals: " ;
    echo $URL ;
    echo "<P>" ;
    //Change to embed for youtube.
    if (filter_var($URL, FILTER_VALIDATE_URL)) {
        echo("$URL is a valid URL");
        //Check if url is a youtube url
        if (strpos($URL,'youtube') !== false) {
            echo 'Youtube exists.';
            $URL = preg_replace("/\s*[a-zA-Z\/\/:\.]*youtube.com\/watch\?v=([a-zA-Z0-9\-_]+)([a-zA-Z0-9\/\*\-\_\?\&\;\%\=\.]*)/i","<iframe width=\"420\" height=\"315\" src=\"//www.youtube.com/embed/$1\" frameborder=\"0\" allowfullscreen></iframe>",$URL);
        } else {
            echo 'Youtube is not included .';
            $URL = "<ahref ='" . $URL . "</a>" ;
        }
        $Title = $conn -> real_escape_string($_POST["Title"]) ;
        $User = $_SESSION['username'];
        $sql = "INSERT INTO Threads (Title, Users, ThreadBody, url) VALUES ('$Title', '$User','$BodyText','$URL')";
        if (mysqli_query($conn, $sql)) {
            echo "New record has been added successfully !";
        } else {
            echo "Error: " . $sql . ":-" . mysqli_error($conn);
        }
    } else {
        echo("$URL is not a valid URL");
    }

Hi,
Is there any way to use the inbuilt filter functions in PHP to filter for integer values greater than 256? All examples that I saw had a max_range of 256. Kindly suggest. Thanks.
function Clean_String($string) {
    return strtolower(trim(filter_var($string, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW)));
}

I've tracked my issue back to filter_var here. For some reason it is adding stuff to the beginning and end of the string I'm looking for. It did this on 1 string that I noticed and doesn't do it on any others, which was strange because that string was typical like all others. Just a few sentences and numbers and line breaks. I can't find a reason why this is happening.

Just wondering if I have an if statement like:

if ( true || true || true ) {
    // do this
}

Is PHP clever enough to do this:

if ( true || skip_me|| skip_me) {
    // do this
}
if ( false || true || skip_me ) {
    // do this
}

Like precedence for the leftmost conditions? Thanks for any help.

Hey guys, wondering if this is possible or not. I'm wanting to add the b_x with the b_y so I select it out of the database as 1 number. The math I'm really going to do is more complex but just using add to simplify what I want to do. I would obviously need to assign it in some way so I can grab it to like $variable = $star_check1[]; This will actually become a loop grabbing several rows so if I could change it into one number it would be a lot easier.

$star_check3 = "SELECT b_x,b_y FROM planets WHERE x = '".($x)."' AND y = '".($y)."'";
$star_check2 = mysql_query($star_check3) or trigger_error("SQL", E_USER_ERROR);
$star_check1 = mysql_fetch_array($star_check2);

I'm working with php 5.1.6. With xampp 1.5.14.
I'm also working on a stock application. If I want to say add stock product (add_stock.php) this error is generated on screen. It seems to refer to a function in ump.class.php
Here we go,
ump.class.php
<?php /** * GUMP - A fast, extensible PHP input validation class * * @author Sean Nieuwoudt (http://twitter.com/SeanNieuwoudt) * @copyright Copyright (c) 2011 Wixel.net * @link http://github.com/Wixel/GUMP * @version 1.0 */ class GUMP { // Validation rules for execution protected $validation_rules = array(); // Filter rules for execution protected $filter_rules = array(); // Instance attribute containing errors from last run protected $errors = array(); // ** ------------------------- Validation Data ------------------------------- ** // public static $basic_tags = "<br><p><a><strong><b><i><em><img><blockquote><code><dd><dl><hr><h1><h2><h3><h4><h5><h6><label><ul><li><span><sub><sup>"; public static $en_noise_words = "about,after,all,also,an,and,another,any,are,as,at,be,because,been,before, being,between,both,but,by,came,can,come,could,did,do,each,for,from,get, got,has,had,he,have,her,here,him,himself,his,how,if,in,into,is,it,its,it's,like, make,many,me,might,more,most,much,must,my,never,now,of,on,only,or,other, our,out,over,said,same,see,should,since,some,still,such,take,than,that, the,their,them,then,there,these,they,this,those,through,to,too,under,up, very,was,way,we,well,were,what,where,which,while,who,with,would,you,your,a, b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,$,1,2,3,4,5,6,7,8,9,0,_"; // ** ------------------------- Validation Helpers ---------------------------- ** // /** * Shorthand method for inline validation * * @param array $data The data to be validated * @param array $validators The GUMP validators * @return mixed True(boolean) or the array of error messages */ public static function is_valid(array $data, array $validators) { $gump = new Gump(); $gump->validation_rules($validators); if($gump->run($data) === false) { return $gump->get_readable_errors(false); } else { return true; } } /** * Magic method to generate the validation error messages * * @return string */ public function __toString() { return $this->get_readable_errors(true); } 
/** * Perform XSS clean to prevent cross site scripting * * @static * @access public * @param array $data * @return array */ public static function xss_clean(array $data) { foreach($data as $k => $v) { $data[$k] = filter_var($v, FILTER_SANITIZE_STRING); } return $data; } /** * Getter/Setter for the validation rules * * @param array $rules * @return array */ public function validation_rules(array $rules = array()) { if(!empty($rules)) { $this->validation_rules = $rules; } else { return $this->validation_rules; } } /** * Getter/Setter for the filter rules * * @param array $rules * @return array */ public function filter_rules(array $rules = array()) { if(!empty($rules)) { $this->filter_rules = $rules; } else { return $this->filter_rules; } } /** * Run the filtering and validation after each other * * @param array $data * @return array * @return boolean */ public function run(array $data) { $data = $this->filter($data, $this->filter_rules()); $validated = $this->validate( $data, $this->validation_rules() ); if($validated !== true) { return false; } else { return $data; } } /** * Sanitize the input data * * @access public * @param array $data * @return array */ public function sanitize(array $input, $fields = NULL, $utf8_encode = true) { $magic_quotes = (bool)get_magic_quotes_gpc(); if(is_null($fields)) { $fields = array_keys($input); } foreach($fields as $field) { if(!isset($input[$field])) { continue; } else { $value = $input[$field]; if(is_string($value)) { if($magic_quotes === TRUE) { $value = stripslashes($value); } if(strpos($value, "\r") !== FALSE) { $value = trim($value); } if(function_exists('iconv') && function_exists('mb_detect_encoding') && $utf8_encode) { $current_encoding = mb_detect_encoding($value); if($current_encoding != 'UTF-8' && $current_encoding != 'UTF-16') { $value = iconv($current_encoding, 'UTF-8', $value); } } $value = filter_var($value, FILTER_SANITIZE_STRING); } $input[$field] = $value; } } return $input; } /** * Return the error array from 
the last validation run * * @return array */ public function errors() { return $this->errors; } /** * Perform data validation against the provided ruleset * * @access public * @param mixed $input * @param array $ruleset * @return mixed */ public function validate(array $input, array $ruleset) { $this->errors = array(); foreach($ruleset as $field => $rules) { #if(!array_key_exists($field, $input)) #{ # continue; #} $rules = explode('|', $rules); foreach($rules as $rule) { $method = NULL; $param = NULL; if(strstr($rule, ',') !== FALSE) // has params { $rule = explode(',', $rule); $method = 'validate_'.$rule[0]; $param = $rule[1]; } else { $method = 'validate_'.$rule; } if(is_callable(array($this, $method))) { $result = $this->$method($field, $input, $param); if(is_array($result)) // Validation Failed { $this->errors[] = $result; } } else { throw new Exception("Validator method '$method' does not exist."); } } } return (count($this->errors) > 0)? $this->errors : TRUE; } /** * Process the validation errors and return human readable error messages * * @param bool $convert_to_string = false * @param string $field_class * @param string $error_class * @return array * @return string */ public function get_readable_errors($convert_to_string = false, $field_class="field", $error_class="error-message") { if(empty($this->errors)) { return ($convert_to_string)? 
null : array(); } $resp = array(); foreach($this->errors as $e) { $field = ucwords(str_replace(array('_','-'), chr(32), $e['field'])); $param = $e['param']; switch($e['rule']) { case 'validate_required': $resp[] = "The <span class=\"$field_class\">$field</span> field is required"; break; case 'validate_valid_email': $resp[] = "The <span class=\"$field_class\">$field</span> field is required to be a valid email address"; break; case 'validate_max_len': if($param == 1) { $resp[] = "The <span class=\"$field_class\">$field</span> field needs to be shorter than $param character"; } else { $resp[] = "The <span class=\"$field_class\">$field</span> field needs to be shorter than $param characters"; } break; case 'validate_min_len': if($param == 1) { $resp[] = "The <span class=\"$field_class\">$field</span> field needs to be longer than $param character"; } else { $resp[] = "The <span class=\"$field_class\">$field</span> field needs to be longer than $param characters"; } break; case 'validate_exact_len': if($param == 1) { $resp[] = "The <span class=\"$field_class\">$field</span> field needs to be exactly $param character in length"; } else { $resp[] = "The <span class=\"$field_class\">$field</span> field needs to be exactly $param characters in length"; } break; case 'validate_alpha': $resp[] = "The <span class=\"$field_class\">$field</span> field may only contain alpha characters(a-z)"; break; case 'validate_alpha_numeric': $resp[] = "The <span class=\"$field_class\">$field</span> field may only contain alpha-numeric characters"; break; case 'validate_alpha_dash': $resp[] = "The <span class=\"$field_class\">$field</span> field may only contain alpha characters & dashes"; break; case 'validate_numeric': $resp[] = "The <span class=\"$field_class\">$field</span> field may only contain numeric characters"; break; case 'validate_integer': $resp[] = "The <span class=\"$field_class\">$field</span> field may only contain a numeric value"; break; case 'validate_boolean': $resp[] = 
"The <span class=\"$field_class\">$field</span> field may only contain a true or false value"; break; case 'validate_float': $resp[] = "The <span class=\"$field_class\">$field</span> field may only contain a float value"; break; case 'validate_valid_url': $resp[] = "The <span class=\"$field_class\">$field</span> field is required to be a valid URL"; break; case 'validate_url_exists': $resp[] = "The <span class=\"$field_class\">$field</span> URL does not exist"; break; case 'validate_valid_ip': $resp[] = "The <span class=\"$field_class\">$field</span> field needs to contain a valid IP address"; break; case 'validate_valid_cc': $resp[] = "The <span class=\"$field_class\">$field</span> field needs to contain a valid credit card number"; break; case 'validate_valid_name': $resp[] = "The <span class=\"$field_class\">$field</span> field needs to contain a valid human name"; break; case 'validate_contains': $resp[] = "The <span class=\"$field_class\">$field</span> field needs contain one of these values: ".implode(', ', $param); break; case 'validate_street_address': $resp[] = "The <span class=\"$field_class\">$field</span> field needs to be a valid street address"; break; } } if(!$convert_to_string) { return $resp; } else { $buffer = ''; foreach($resp as $s) { $buffer .= "<span class=\"$error_class\">$s</span>"; } return $buffer; } } /** * Filter the input data according to the specified filter set * * @access public * @param mixed $input * @param array $filterset * @return mixed */ public function filter(array $input, array $filterset) { foreach($filterset as $field => $filters) { if(!array_key_exists($field, $input)) { continue; } $filters = explode('|', $filters); foreach($filters as $filter) { $params = NULL; if(strstr($filter, ',') !== FALSE) { $filter = explode(',', $filter); $params = array_slice($filter, 1, count($filter) - 1); $filter = $filter[0]; } if(is_callable(array($this, 'filter_'.$filter))) { $method = 'filter_'.$filter; $input[$field] = 
$this->$method($input[$field], $params); } else if(function_exists($filter)) { $input[$field] = $filter($input[$field]); } else { throw new Exception("Filter method '$filter' does not exist."); } } } return $input; } // ** ------------------------- Filters --------------------------------------- ** // /** * Replace noise words in a string (http://tax.cchgroup.com/help/Avoiding_noise_words_in_your_search.htm) * * Usage: '<index>' => 'noise_words' * * @access protected * @param string $value * @param array $params * @return string */ protected function filter_noise_words($value, $params = NULL) { $value = preg_replace('/\s\s+/u', chr(32),$value); $value = " $value "; $words = explode(',', self::$en_noise_words); foreach($words as $word) { $word = trim($word); $word = " $word "; // Normalize if(stripos($value, $word) !== FALSE) { $value = str_ireplace($word, chr(32), $value); } } return trim($value); } /** * Remove all known punctuation from a string * * Usage: '<index>' => 'rmpunctuataion' * * @access protected * @param string $value * @param array $params * @return string */ protected function filter_rmpunctuation($value, $params = NULL) { return preg_replace("/(?![.=$'€%-])\p{P}/u", '', $value); } /** * Translate an input string to a desired language [DEPRECIATED] * * Any ISO 639-1 2 character language code may be used * * See: http://www.science.co.il/language/Codes.asp?s=code2 * * @access protected * @param string $value * @param array $params * @return string */ /* protected function filter_translate($value, $params = NULL) { $input_lang = 'en'; $output_lang = 'en'; if(is_null($params)) { return $value; } switch(count($params)) { case 1: $input_lang = $params[0]; break; case 2: $input_lang = $params[0]; $output_lang = $params[1]; break; } $text = urlencode($value); $translation = file_get_contents( "http://ajax.googleapis.com/ajax/services/language/translate?v=1.0&q={$text}&langpair={$input_lang}|{$output_lang}" ); $json = json_decode($translation, true); 
if($json['responseStatus'] != 200) { return $value; } else { return $json['responseData']['translatedText']; } } */ /** * Sanitize the string by removing any script tags * * Usage: '<index>' => 'sanitize_string' * * @access protected * @param string $value * @param array $params * @return string */ protected function filter_sanitize_string($value, $params = NULL) { return filter_var($value, FILTER_SANITIZE_STRING); } /** * Sanitize the string by urlencoding characters * * Usage: '<index>' => 'urlencode' * * @access protected * @param string $value * @param array $params * @return string */ protected function filter_urlencode($value, $params = NULL) { return filter_var($value, FILTER_SANITIZE_ENCODED); } /** * Sanitize the string by converting HTML characters to their HTML entities * * Usage: '<index>' => 'htmlencode' * * @access protected * @param string $value * @param array $params * @return string */ protected function filter_htmlencode($value, $params = NULL) { return filter_var($value, FILTER_SANITIZE_SPECIAL_CHARS); } /** * Sanitize the string by removing illegal characters from emails * * Usage: '<index>' => 'sanitize_email' * * @access protected * @param string $value * @param array $params * @return string */ protected function filter_sanitize_email($value, $params = NULL) { return filter_var($value, FILTER_SANITIZE_EMAIL); } /** * Sanitize the string by removing illegal characters from numbers * * @access protected * @param string $value * @param array $params * @return string */ protected function filter_sanitize_numbers($value, $params = NULL) { return filter_var($value, FILTER_SANITIZE_NUMBER_INT); } /** * Filter out all HTML tags except the defined basic tags * * @access protected * @param string $value * @param array $params * @return string */ protected function filter_basic_tags($value, $params = NULL) { return strip_tags($value, self::$basic_tags); } /** * Filter out all SQL Valnurablities * * @access protected * @param string $value * @param 
array $params * @return string */ protected function filter_mysql_escape($value, $params = NULL) { return mysql_real_escape_string($value); } // ** ------------------------- Validators ------------------------------------ ** // /** * Verify that a value is contained within the pre-defined value set * * Usage: '<index>' => 'contains,value value value' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_contains($field, $input, $param = NULL) { $param = trim(strtolower($param)); $value = trim(strtolower($input[$field])); if (preg_match_all('#\'(.+?)\'#', $param, $matches, PREG_PATTERN_ORDER)) { $param = $matches[1]; } else { $param = explode(chr(32), $param); } if(in_array($value, $param)) { // valid, return nothing return; } else { return array( 'field' => $field, 'value' => $value, 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Check if the specified key is present and not empty * * Usage: '<index>' => 'required' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_required($field, $input, $param = NULL) { if(isset($input[$field]) && trim($input[$field]) != '') { return; } else { return array( 'field' => $field, 'value' => NULL, 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the provided email is valid * * Usage: '<index>' => 'valid_email' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_valid_email($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } if(!filter_var($input[$field], FILTER_VALIDATE_EMAIL)) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the provided value length is less or equal to a specific value * * Usage: '<index>' => 'max_len,240' * * @access protected * @param string $field * @param array $input * @return 
mixed */ protected function validate_max_len($field, $input, $param = NULL) { if(!isset($input[$field])) { return; } if(function_exists('mb_strlen')) { if(mb_strlen($input[$field]) <= (int)$param) { return; } } else { if(strlen($input[$field]) <= (int)$param) { return; } } return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } /** * Determine if the provided value length is more or equal to a specific value * * Usage: '<index>' => 'min_len,4' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_min_len($field, $input, $param = NULL) { if(!isset($input[$field])) { return; } if(function_exists('mb_strlen')) { if(mb_strlen($input[$field]) >= (int)$param) { return; } } else { if(strlen($input[$field]) >= (int)$param) { return; } } return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } /** * Determine if the provided value length matches a specific value * * Usage: '<index>' => 'exact_len,5' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_exact_len($field, $input, $param = NULL) { if(!isset($input[$field])) { return; } if(function_exists('mb_strlen')) { if(mb_strlen($input[$field]) == (int)$param) { return; } } else { if(strlen($input[$field]) == (int)$param) { return; } } return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } /** * Determine if the provided value contains only alpha characters * * Usage: '<index>' => 'alpha' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_alpha($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } if(!preg_match("/^([a-zÀÁÂÃÄÅÇÈÉÊËÌÍÎÏÒÓÔÕÖÙÚÛÜÝàáâãäåçèéêëìíîïðòóôõöùúûüýÿ])+$/i", $input[$field]) !== FALSE) { return array( 'field' => $field, 'value' => 
$input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the provided value contains only alpha-numeric characters * * Usage: '<index>' => 'alpha_numeric' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_alpha_numeric($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } if(!preg_match("/^([a-z0-9ÀÁÂÃÄÅÇÈÉÊËÌÍÎÏÒÓÔÕÖÙÚÛÜÝàáâãäåçèéêëìíîïðòóôõöùúûüýÿ])+$/i", $input[$field]) !== FALSE) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the provided value contains only alpha characters with dashed and underscores * * Usage: '<index>' => 'alpha_dash' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_alpha_dash($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } if(!preg_match("/^([a-z0-9ÀÁÂÃÄÅÇÈÉÊËÌÍÎÏÒÓÔÕÖÙÚÛÜÝàáâãäåçèéêëìíîïðòóôõöùúûüýÿ_-])+$/i", $input[$field]) !== FALSE) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the provided value is a valid number or numeric string * * Usage: '<index>' => 'numeric' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_numeric($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } if(!is_numeric($input[$field])) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the provided value is a valid integer * * Usage: '<index>' => 'integer' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_integer($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } 
if(!filter_var($input[$field], FILTER_VALIDATE_INT)) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the provided value is a PHP accepted boolean * * Usage: '<index>' => 'boolean' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_boolean($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } $bool = filter_var($input[$field], FILTER_VALIDATE_BOOLEAN); if(!is_bool($bool)) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the provided value is a valid float * * Usage: '<index>' => 'float' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_float($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } if(!filter_var($input[$field], FILTER_VALIDATE_FLOAT)) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the provided value is a valid URL * * Usage: '<index>' => 'valid_url' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_valid_url($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } if(!filter_var($input[$field], FILTER_VALIDATE_URL)) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if a URL exists & is accessible * * Usage: '<index>' => 'url_exists' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_url_exists($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } $url = str_replace( array('http://', 'https://', 'ftp://'), '', 
strtolower($input[$field]) ); if(function_exists('checkdnsrr')) { if(!checkdnsrr($url)) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } else { if(gethostbyname($url) == $url) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } } /** * Determine if the provided value is a valid IP address * * Usage: '<index>' => 'valid_ip' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_valid_ip($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } if(!filter_var($input[$field], FILTER_VALIDATE_IP) !== FALSE) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the provided value is a valid IPv4 address * * Usage: '<index>' => 'valid_ipv4' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_valid_ipv4($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } if(!filter_var($input[$field], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== FALSE) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the provided value is a valid IPv6 address * * Usage: '<index>' => 'valid_ipv6' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_valid_ipv6($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } if(!filter_var($input[$field], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== FALSE) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the input is a valid credit card number * * See: 
http://stackoverflow.com/questions/174730/what-is-the-best-way-to-validate-a-credit-card-in-php * Usage: '<index>' => 'valid_cc' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_valid_cc($field, $input, $param = NULL) { if(!isset($input[$field]) || empty($input[$field])) { return; } $number = preg_replace('/\D/', '', $input[$field]); if(function_exists('mb_strlen')) { $number_length = mb_strlen($input[$field]); } else { $number_length = strlen($input[$field]); } $parity = $number_length % 2; $total = 0; for($i = 0; $i < $number_length; $i++) { $digit = $number[$i]; if ($i % 2 == $parity) { $digit *= 2; if ($digit > 9) { $digit -= 9; } } $total += $digit; } if($total % 10 == 0) { return; // Valid } else { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the input is a valid human name [Credits to http://github.com/ben-s] * * See: https://github.com/Wixel/GUMP/issues/5 * Usage: '<index>' => 'valid_name' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_valid_name($field, $input, $param = NULL) { if(!isset($input[$field])|| empty($input[$field])) { return; } if(!preg_match("/^([a-zÀÁÂÃÄÅÇÈÉÊËÌÍÎÏÒÓÔÕÖÙÚÛÜÝàáâãäåçèéêëìíîïñðòóôõöùúûüýÿ '-])+$/i", $input[$field]) !== FALSE) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } /** * Determine if the provided input is likely to be a street address using weak detection * * Usage: '<index>' => 'street_address' * * @access protected * @param string $field * @param array $input * @return mixed */ protected function validate_street_address($field, $input, $param = NULL) { if(!isset($input[$field])|| empty($input[$field])) { return; } // Theory: 1 number, 1 or more spaces, 1 or more words $hasLetter = preg_match('/[a-zA-Z]/', $input[$field]); $hasDigit = 
preg_match('/\d/' , $input[$field]); $hasSpace = preg_match('/\s/' , $input[$field]); $passes = $hasLetter && $hasDigit && $hasSpace; if(!$passes) { return array( 'field' => $field, 'value' => $input[$field], 'rule' => __FUNCTION__, 'param' => $param ); } } } // EOCHere is add_stock.php <?php include_once("init.php"); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>POSNIC - Add Stock Category</title> <!-- Stylesheets --> <link href='http://fonts.googleapis.com/css?family=Droid+Sans:400,700' rel='stylesheet'> <link rel="stylesheet" href="css/style.css"> <link rel="stylesheet" href="js/date_pic/date_input.css"> <link rel="stylesheet" href="lib/auto/css/jquery.autocomplete.css"> <!-- Optimize for mobile devices --> <meta name="viewport" content="width=device-width, initial-scale=1.0"/> <!-- jQuery & JS files --> <?php include_once("tpl/common_js.php"); ?> <script src="js/script.js"></script> <script src="js/date_pic/jquery.date_input.js"></script> <script src="lib/auto/js/jquery.autocomplete.js "></script> <script> /*$.validator.setDefaults({ submitHandler: function() { alert("submitted!"); } });*/ $(document).ready(function() { $("#supplier").autocomplete("supplier1.php", { width: 160, autoFill: true, selectFirst: true }); $("#category").autocomplete("category.php", { width: 160, autoFill: true, selectFirst: true }); // validate signup form on keyup and submit $("#form1").validate({ rules: { name: { required: true, minlength: 3, maxlength: 200 }, stockid: { required: true, minlength: 3, maxlength: 200 }, cost: { required: true, }, sell: { required: true, } }, messages: { name: { required: "Please Enter Stock Name", minlength: "Category Name must consist of at least 3 characters" }, stockid: { required: "Please Enter Stock ID", minlength: "Category Name must consist of at least 3 characters" }, sell: { required: "Please Enter Selling Price", minlength: "Category Name must consist of at least 3 characters" }, cost: { required: "Please Enter 
Cost Price", minlength: "Category Name must consist of at least 3 characters" } } }); }); function numbersonly(e){ var unicode=e.charCode? e.charCode : e.keyCode if (unicode!=8 && unicode!=46 && unicode!=37 && unicode!=38 && unicode!=39 && unicode!=40 && unicode!=9){ //if the key isn't the backspace key (which we should allow) if (unicode<48||unicode>57) return false } } </script> </script> </head> <body> <!-- TOP BAR --> <?php include_once("tpl/top_bar.php"); ?> <!-- end top-bar --> <!-- HEADER --> <div id="header-with-tabs"> <div class="page-full-width cf"> <ul id="tabs" class="fl"> <li><a href="dashboard.php" class="dashboard-tab">Dashboard</a></li> <li><a href="view_sales.php" class="sales-tab">Sales</a></li> <li><a href="view_customers.php" class=" customers-tab">Customers</a></li> <li><a href="view_purchase.php" class="purchase-tab">Purchase</a></li> <li><a href="view_supplier.php" class=" supplier-tab">Supplier</a></li> <li><a href="view_product.php" class="active-tab stock-tab">Stocks / Products</a></li> <li><a href="view_payments.php" class="payment-tab">Payments / Outstandings</a></li> <li><a href="view_report.php" class="report-tab">Reports</a></li> </ul> <!-- end tabs --> <!-- Change this image to your own company's logo --> <!-- The logo will automatically be resized to 30px height. 
--> <a href="#" id="company-branding-small" class="fr"><img src="<?php if(isset($_SESSION['logo'])) { echo "upload/".$_SESSION['logo'];}else{ echo "upload/posnic.png"; } ?>" alt="Point of Sale" /></a> </div> <!-- end full-width --> </div> <!-- end header --> <!-- MAIN CONTENT --> <div id="content"> <div class="page-full-width cf"> <div class="side-menu fl"> <h3>Stock Management</h3> <ul> <li><a href="add_stock.php">Add Stock/Product</a></li> <li><a href="view_product.php">View Stock/Product</a></li> <li><a href="add_category.php">Add Stock Category</a></li> <li><a href="view_category.php">view Stock Category</a></li> <li><a href="view_stock_availability.php">view Stock Available</a></li> </ul> </div> <!-- end side-menu --> <div class="side-content fr"> <div class="content-module"> <div class="content-module-heading cf"> <h3 class="fl">Add Stock </h3> <span class="fr expand-collapse-text">Click to collapse</span> <div style="margin-top: 15px;margin-left: 150px"></div> <span class="fr expand-collapse-text initial-expand">Click to expand</span> </div> <!-- end content-module-heading --> <div class="content-module-main cf"> <?php //Gump is libarary for Validatoin if(isset($_POST['name'])){ $_POST = $gump->sanitize($_POST); $gump->validation_rules(array( 'name' => 'required|max_len,100|min_len,3', 'stockid' => 'required|max_len,200', 'sell' => 'required|max_len,200', 'cost' => 'required|max_len,200', 'supplier' => 'max_len,200', 'category' => 'max_len,200' )); $gump->filter_rules(array( 'name' => 'trim|sanitize_string|mysql_escape', 'stockid' => 'trim|sanitize_string|mysql_escape', 'sell' => 'trim|sanitize_string|mysql_escape', 'cost' => 'trim|sanitize_string|mysql_escape', 'category' => 'trim|sanitize_string|mysql_escape', 'supplier' => 'trim|sanitize_string|mysql_escape' )); $validated_data = $gump->run($_POST); $name = ""; $stockid = ""; $sell = ""; $cost = ""; $supplier = ""; $category = ""; if($validated_data === false) { echo $gump->get_readable_errors(true); } 
else { $name=mysql_real_escape_string($_POST['name']); $stockid=mysql_real_escape_string($_POST['stockid']); $sell=mysql_real_escape_string($_POST['sell']); $cost=mysql_real_escape_string($_POST['cost']); $supplier=mysql_real_escape_string($_POST['supplier']); $category=mysql_real_escape_string($_POST['category']); $count = $db->countOf("stock_details", "stock_name ='$name'"); if($count>1) { $data='Dublicat Entry. Please Verify'; $msg='<p style=color:red;font-family:gfont-family:Georgia, Times New Roman, Times, serif>'.$data.'</p>';// ?> <script src="dist/js/jquery.ui.draggable.js"></script> <script src="dist/js/jquery.alerts.js"></script> <script src="dist/js/jquery.js"></script> <link rel="stylesheet" href="dist/js/jquery.alerts.css" > <script type="text/javascript"> jAlert('<?php echo $msg; ?>', 'POSNIC'); </script> <?php } else { if($db->query("insert into stock_details(stock_id,stock_name,stock_quatity,supplier_id,company_price,selling_price,category) values('$stockid','$name',0,'$supplier',$cost,$sell,'$category')")) { $db->query("insert into stock_avail(name,quantity) values('$name',0)"); $msg=" $name Stock Details Added" ; header("Location: add_stock.php?msg=$msg"); }else echo "<br><font color=red size=+1 >Problem in Adding !</font>" ; } } } if(isset($_GET['msg'])){ $data=$_GET['msg']; $msg='<p style=color:#153450;font-family:gfont-family:Georgia, Times New Roman, Times, serif>'.$data.'</p>';// ?> <script src="dist/js/jquery.ui.draggable.js"></script> <script src="dist/js/jquery.alerts.js"></script> <script src="dist/js/jquery.js"></script> <link rel="stylesheet" href="dist/js/jquery.alerts.css" > <script type="text/javascript"> jAlert('<?php echo $msg; ?>', 'POSNIC'); </script> <?php } ?> <form name="form1" method="post" id="form1" action=""> <table class="form" border="0" cellspacing="0" cellpadding="0"> <tr> <?php $max = $db->maxOfAll("id", "stock_details"); $max=$max+1; $autoid="SD".$max.""; ?> <td><span class="man">*</span>Stock ID:</td> <td><input 
name="stockid" type="text" id="stockid" readonly maxlength="200" class="round default-width-input" value="<?php echo $autoid; ?>" /></td> <td><span class="man">*</span>Name:</td> <td><input name="name"placeholder="ENTER CATEGORY NAME" type="text" id="name" maxlength="200" class="round default-width-input" value="<?php echo $name; ?>" /></td> </tr> <tr> <td><span class="man">*</span>Cost:</td> <td><input name="cost" placeholder="ENTER COST PRICE" type="text" id="cost" maxlength="200" class="round default-width-input" onkeypress="return numbersonly(event)" value="<?php echo $cost; ?>" /></td> <td><span class="man">*</span>Sell:</td> <td><input name="sell" placeholder="ENTER SELLING PRICE" type="text" id="sell" maxlength="200" class="round default-width-input" onkeypress="return numbersonly(event)" value="<?php echo $sell; ?>" /></td> </tr> <tr> <td>Supplier:</td> <td><input name="supplier" placeholder="ENTER SUPPLIER NAME" type="text" id="supplier" maxlength="200" class="round default-width-input" value="<?php echo $supplier; ?>" /></td> <td>Category:</td> <td><input name="category" placeholder="ENTER CATEGORY NAME" type="text" id="category" maxlength="200" class="round default-width-input" value="<?php echo $category; ?>" /></td> </tr> <tr> <td> </td> <td> </td> </tr> <tr> <td> </td> <td> <input class="button round blue image-right ic-add text-upper" type="submit" name="Submit" value="Add"> (Control + S) <td align="right"><input class="button round red text-upper" type="reset" name="Reset" value="Reset"> </td> </tr> </table> </form> </div> <!-- end content-module-main --> </div> <!-- end content-module --> </div> <!-- end full-width --> </div> <!-- end content --> <!-- FOOTER --> <div id="footer"> <p>Any Queries email to <a href="mailto:sridhar.posnic@gmail.com?subject=Stock%20Management%20System">sridhar.posnic@gmail.com</a>.</p> </div> <!-- end footer --> </body> </html>now who can tell me what is wrong with the function filter_var() method on line 186 in 
ump.class.php?

What is the difference between EXTR_PREFIX_SAME and EXTR_PREFIX_IF_EXISTS?

I'm sure it's not much, but I'm not understanding something with custom error handlers: I've created a custom error handler, which I initially set when my page loads:

set_error_handler(array ( new ErrorHandler(), 'handleError' ));

It seems to catch all internal PHP errors, such as if I:

var_dump($non_existing_var);

right after the set_error_handler....

Now, I have an object that throws an exception after:

set_error_handler(array ( new ErrorHandler(), 'handleError' ));
$locale = new \CorbeauPerdu\i18n\Locale(...); // this should throw an exception
...

I thought that with an error handler set, I could 'skip' the try/catch for it, but doing so, PHP spits out in its internal log:

PHP Fatal error: Uncaught CorbeauPerdu\i18n\LocaleException: ....

My error handler doesn't catch it at all before, thus my page breaks!! If I want it to go through the error handler, I have to init my Locale with a try/catch and use trigger_error() like so:

set_error_handler(array ( new ErrorHandler(), 'handleError' ));
try {
    $locale = new \CorbeauPerdu\i18n\Locale(...); // this should throw an exception
} catch(Exception $e) {
    trigger_error($e->getMessage(), E_USER_ERROR);
}
...

Is this normal? I thought one of the goals of the error_handler was to catch anything that wasn't dealt with? Thanks for your answers!

I have 2 pieces of different code that get run at different times, but act on the same text file. (The first example writes data and the second rewrites data with some expired data removed from the rewrite.) The first code example appends data to a new line each time it is run except when it is run just after the second code example has run. When run after the second example, the first code example will append the data to the last line of the text file instead of appending to a new line. Why is this?

Here is the first code example...

Code:
<?php
$message = "Hello, World! \nGoodbye!";
$message_br = str_replace("\n", '<br />', $message); // couldn't use nl2br because i needed to remove the \n completely.
$userName = "Anon";
$coordinates = "1234567890";
$locationType = "geo";
$dateDay = "23";
$dateMonth = "2";
$dateYear = "2011";
$timeHour = "9";
$timeMins = 45;
$timeAMPM = "AM";

// Format the time/Date
date_default_timezone_set('UTC');
$inputTime = date('c', mktime((int)$timeHour, (int)$timeMins, 0, (int)$dateMonth, (int)$dateDay, (int)$dateYear));

// Send all data so far, to an array.
$entry_array = array();
array_push($entry_array, $inputTime, $locationType, $coordinates, $userName, $message_br);

// write the array to CSV file.
$fp = fopen('messages.txt', 'a');
fputcsv($fp, $entry_array, "|");
fclose($fp);
?>

Here is the second...
Code:
<?php
$one_day = 60*60*24;
$timestamp = time();
date_default_timezone_set('UTC');
$expiry_date = date('c', $timestamp+$one_day);
$future_date = array();
$delete_line = array();

// Open existing data in the text file.
$lines = file('messages.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach ($lines as $line){
    list($field1, $field2, $field3, $field4, $field5) = explode('|', $line);
    if ($field1 < $expiry_date){
        array_push($delete_line, $line); // add to the to-be-deleted array.
    } else {
        array_push($future_date, $line);
    }
}
$array2string = implode("\n", $future_date); // convert array data to string.

// write the data to CSV file.
$fp = fopen('messages.txt', 'w');
fwrite($fp, $array2string);
fclose($fp);
?>
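Added example for the messages.txt question above (not code from the post): implode("\n", ...) puts newlines between records but none after the last one, so the next fputcsv() in append mode continues that unterminated line. The sketch below rewrites the file with fputcsv() so every record is terminated, parses with fgetcsv() instead of explode() so a "|" inside a quoted message cannot shift fields, and locks the file because two scripts touch it. The function names, the temp file and the sample rows are constructed; PHP 8 is assumed.

```php
<?php
// Added example: appendEntry(), pruneExpired() and demo() are illustrative names.
date_default_timezone_set('UTC');   // as in the post: all timestamps share one offset,
                                    // so ISO 8601 strings compare correctly as strings
const DELIM = '|';

/** Append one record. fputcsv() always ends the record with "\n". */
function appendEntry(string $path, array $fields): void
{
    $fp = fopen($path, 'a');
    if ($fp === false) {
        throw new RuntimeException("cannot open $path");
    }
    flock($fp, LOCK_EX);                        // serialise against the pruning script
    fputcsv($fp, $fields, DELIM, '"', '\\');
    fflush($fp);
    flock($fp, LOCK_UN);
    fclose($fp);
}

/** Rewrite the file, keeping records whose first field is >= $cutoff. Returns the kept count. */
function pruneExpired(string $path, string $cutoff): int
{
    $fp = fopen($path, 'c+');                   // read/write without truncating on open
    if ($fp === false) {
        throw new RuntimeException("cannot open $path");
    }
    flock($fp, LOCK_EX);

    $keep = [];
    while (($row = fgetcsv($fp, null, DELIM, '"', '\\')) !== false) {
        if ($row === [null]) {
            continue;                           // blank line
        }
        if ($row[0] >= $cutoff) {               // same test as the post: older rows are dropped
            $keep[] = $row;
        }
    }

    ftruncate($fp, 0);
    rewind($fp);
    foreach ($keep as $row) {
        fputcsv($fp, $row, DELIM, '"', '\\');   // the last record is newline-terminated too
    }
    fflush($fp);
    flock($fp, LOCK_UN);
    fclose($fp);
    return count($keep);
}

/** Constructed demo: append, prune, append again, then count physical lines. */
function demo(): int
{
    $path = tempnam(sys_get_temp_dir(), 'msg');
    appendEntry($path, ['2011-02-23T09:45:00+00:00', 'geo', '1234567890', 'Anon', 'old | entry']);
    appendEntry($path, ['2999-01-01T00:00:00+00:00', 'geo', '1234567890', 'Anon', 'Hello<br />Goodbye!']);
    pruneExpired($path, date('c', time() + 60 * 60 * 24));
    appendEntry($path, ['2999-06-01T00:00:00+00:00', 'geo', '1234567890', 'Anon', 'after prune']);
    $lines = count(file($path, FILE_IGNORE_NEW_LINES));
    unlink($path);
    return $lines;                              // one physical line per surviving record
}

echo demo(), " lines\n";
```

The minimal change to the posted script is to write `implode("\n", $future_date) . "\n"` when the array is non-empty; the version above additionally avoids the explode()-based parsing and the unlocked truncate-then-write window.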
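Added example for the set_error_handler() question earlier on this page (not code from the post): set_error_handler() only receives PHP errors such as warnings and notices, while an exception nobody catches goes to the callback registered with set_exception_handler(). The body of ErrorHandler, the handleException() method and DemoLocaleException are assumptions standing in for the poster's classes.

```php
<?php
// Added example: class bodies and names below are assumptions, not the poster's code.

class DemoLocaleException extends Exception {}   // stand-in for the Locale exception

class ErrorHandler
{
    /** Receives PHP errors (warnings, notices, E_USER_*), never thrown exceptions. */
    public function handleError(int $errno, string $errstr, string $errfile, int $errline): bool
    {
        if (!(error_reporting() & $errno)) {
            return false;                        // level is disabled: let PHP handle it
        }
        // Promote the error to an exception so there is a single failure path.
        throw new ErrorException($errstr, 0, $errno, $errfile, $errline);
    }

    /** Last-resort handler for any Throwable that no try/catch dealt with. */
    public function handleException(Throwable $e): void
    {
        // Full detail goes to the server log only.
        error_log(sprintf(
            '%s: %s in %s:%d',
            get_class($e),
            $e->getMessage(),
            $e->getFile(),
            $e->getLine()
        ));

        if (PHP_SAPI !== 'cli' && !headers_sent()) {
            http_response_code(500);
        }
        // The client gets a generic message, not the exception text or a stack trace.
        echo "An internal error occurred.\n";
    }
}

$handler = new ErrorHandler();
set_error_handler([$handler, 'handleError']);
set_exception_handler([$handler, 'handleException']);

/** Constructed stand-in for "new Locale(...)" failing. */
function loadLocale(): void
{
    throw new DemoLocaleException('locale file not found');
}

// A PHP error: routed to handleError(), which rethrows it as ErrorException.
try {
    echo $undefinedVar;
} catch (ErrorException $e) {
    echo 'caught via error handler: ', $e->getMessage(), "\n";
}

// An uncaught exception: no try/catch and no trigger_error() needed,
// it reaches handleException() and the script then terminates.
loadLocale();
```

Execution stops after the exception handler returns, so it is a place to log and emit an error page, not a way to resume the request.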