Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 5cf664748ee295867f593d7eb7991bd35fe8eca6 / . / system / libraries / Validation.php
blob: a0f038c02574ff48ed7f8bdf6410735133289c60 [file] [log] [blame]
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]1<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
2/**
3 * CodeIgniter
4 *
5 * An open source application development framework for PHP 4.3.2 or newer
6 *
7 * @package CodeIgniter
Derek Allard3d879d52008-01-18 19:41:32 +0000[diff] [blame]8 * @author ExpressionEngine Dev Team
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]9 * @copyright Copyright (c) 2006, EllisLab, Inc.
Derek Allardcdd2ab22008-01-23 00:05:38 +0000[diff] [blame]10 * @license http://codeigniter.com/user_guide/license.html
11 * @link http://codeigniter.com
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]12 * @since Version 1.0
13 * @filesource
14 */
15
16// ------------------------------------------------------------------------
17
18/**
19 * Validation Class
20 *
21 * @package CodeIgniter
22 * @subpackage Libraries
23 * @category Validation
Derek Allard3d879d52008-01-18 19:41:32 +0000[diff] [blame]24 * @author ExpressionEngine Dev Team
Derek Allardcdd2ab22008-01-23 00:05:38 +0000[diff] [blame]25 * @link http://codeigniter.com/user_guide/libraries/validation.html
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]26 */
27class CI_Validation {
28
29 var $CI;
30 var $error_string = '';
31 var $_error_array = array();
32 var $_rules = array();
33 var $_fields = array();
34 var $_error_messages = array();
35 var $_current_field = '';
36 var $_safe_form_data = FALSE;
37 var $_error_prefix = '<p>';
38 var $_error_suffix = '</p>';
39
40
41
42 /**
43 * Constructor
44 *
45 */
46 function CI_Validation()
47 {
48 $this->CI =& get_instance();
49 log_message('debug', "Validation Class Initialized");
50 }
51
52 // --------------------------------------------------------------------
53
54 /**
55 * Set Fields
56 *
57 * This function takes an array of field names as input
58 * and generates class variables with the same name, which will
59 * either be blank or contain the $_POST value corresponding to it
60 *
61 * @access public
62 * @param string
63 * @param string
64 * @return void
65 */
66 function set_fields($data = '', $field = '')
67 {
68 if ($data == '')
69 {
70 if (count($this->_fields) == 0)
71 {
72 return FALSE;
73 }
74 }
75 else
76 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]77 if (! is_array($data))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]78 {
79 $data = array($data => $field);
80 }
81
82 if (count($data) > 0)
83 {
84 $this->_fields = $data;
85 }
86 }
87
88 foreach($this->_fields as $key => $val)
Derek Jones07edd4b2008-01-18 19:50:49 +0000[diff] [blame]89 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]90 $this->$key = (! isset($_POST[$key])) ? '' : $this->prep_for_form($_POST[$key]);
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]91
92 $error = $key.'_error';
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]93 if (! isset($this->$error))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]94 {
95 $this->$error = '';
96 }
97 }
98 }
99
100 // --------------------------------------------------------------------
101
102 /**
103 * Set Rules
104 *
105 * This function takes an array of field names and validation
106 * rules as input ad simply stores is for use later.
107 *
108 * @access public
109 * @param mixed
110 * @param string
111 * @return void
112 */
113 function set_rules($data, $rules = '')
114 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]115 if (! is_array($data))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]116 {
117 if ($rules == '')
118 return;
119
Derek Jones40306b52008-05-07 22:52:45 +0000[diff] [blame]120 $data = array($data => $rules);
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]121 }
122
123 foreach ($data as $key => $val)
124 {
125 $this->_rules[$key] = $val;
126 }
127 }
128
129 // --------------------------------------------------------------------
130
131 /**
132 * Set Error Message
133 *
134 * Lets users set their own error messages on the fly. Note: The key
135 * name has to match the function name that it corresponds to.
136 *
137 * @access public
138 * @param string
139 * @param string
140 * @return string
141 */
142 function set_message($lang, $val = '')
143 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]144 if (! is_array($lang))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]145 {
146 $lang = array($lang => $val);
147 }
148
149 $this->_error_messages = array_merge($this->_error_messages, $lang);
150 }
151
152 // --------------------------------------------------------------------
153
154 /**
155 * Set The Error Delimiter
156 *
157 * Permits a prefix/suffix to be added to each error message
158 *
159 * @access public
160 * @param string
161 * @param string
162 * @return void
163 */
164 function set_error_delimiters($prefix = '<p>', $suffix = '</p>')
165 {
166 $this->_error_prefix = $prefix;
167 $this->_error_suffix = $suffix;
168 }
169
170 // --------------------------------------------------------------------
171
172 /**
173 * Run the Validator
174 *
175 * This function does all the work.
176 *
177 * @access public
178 * @return bool
179 */
180 function run()
181 {
182 // Do we even have any data to process? Mm?
183 if (count($_POST) == 0 OR count($this->_rules) == 0)
184 {
185 return FALSE;
186 }
187
188 // Load the language file containing error messages
189 $this->CI->lang->load('validation');
190
191 // Cycle through the rules and test for errors
192 foreach ($this->_rules as $field => $rules)
193 {
194 //Explode out the rules!
195 $ex = explode('|', $rules);
196
Rick Ellisa1b05a12007-04-27 21:20:38 +0000[diff] [blame]197 // Is the field required? If not, if the field is blank we'll move on to the next test
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]198 if (! in_array('required', $ex, TRUE))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]199 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]200 if (! isset($_POST[$field]) OR $_POST[$field] == '')
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]201 {
202 continue;
203 }
204 }
205
206 /*
207 * Are we dealing with an "isset" rule?
208 *
209 * Before going further, we'll see if one of the rules
210 * is to check whether the item is set (typically this
211 * applies only to checkboxes). If so, we'll
212 * test for it here since there's not reason to go
213 * further
214 */
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]215 if (! isset($_POST[$field]))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]216 {
217 if (in_array('isset', $ex, TRUE) OR in_array('required', $ex))
218 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]219 if (! isset($this->_error_messages['isset']))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]220 {
221 if (FALSE === ($line = $this->CI->lang->line('isset')))
222 {
223 $line = 'The field was not set';
224 }
225 }
226 else
227 {
228 $line = $this->_error_messages['isset'];
229 }
230
Derek Allard9805f612007-12-31 16:02:32 +0000[diff] [blame]231 // Build the error message
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]232 $mfield = (! isset($this->_fields[$field])) ? $field : $this->_fields[$field];
Derek Allard9805f612007-12-31 16:02:32 +0000[diff] [blame]233 $message = sprintf($line, $mfield);
234
235 // Set the error variable. Example: $this->username_error
236 $error = $field.'_error';
237 $this->$error = $this->_error_prefix.$message.$this->_error_suffix;
238 $this->_error_array[] = $message;
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]239 }
240
241 continue;
242 }
243
244 /*
245 * Set the current field
246 *
247 * The various prepping functions need to know the
248 * current field name so they can do this:
249 *
250 * $_POST[$this->_current_field] == 'bla bla';
251 */
252 $this->_current_field = $field;
253
254 // Cycle through the rules!
255 foreach ($ex As $rule)
256 {
257 // Is the rule a callback?
258 $callback = FALSE;
259 if (substr($rule, 0, 9) == 'callback_')
260 {
261 $rule = substr($rule, 9);
262 $callback = TRUE;
263 }
264
265 // Strip the parameter (if exists) from the rule
266 // Rules can contain a parameter: max_length[5]
267 $param = FALSE;
268 if (preg_match("/(.*?)\[(.*?)\]/", $rule, $match))
269 {
270 $rule = $match[1];
271 $param = $match[2];
272 }
273
274 // Call the function that corresponds to the rule
275 if ($callback === TRUE)
276 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]277 if (! method_exists($this->CI, $rule))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]278 {
279 continue;
280 }
281
282 $result = $this->CI->$rule($_POST[$field], $param);
283
284 // If the field isn't required and we just processed a callback we'll move on...
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]285 if (! in_array('required', $ex, TRUE) AND $result !== FALSE)
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]286 {
287 continue 2;
288 }
289
290 }
291 else
292 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]293 if (! method_exists($this, $rule))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]294 {
295 /*
296 * Run the native PHP function if called for
297 *
298 * If our own wrapper function doesn't exist we see
299 * if a native PHP function does. Users can use
300 * any native PHP function call that has one param.
301 */
302 if (function_exists($rule))
303 {
304 $_POST[$field] = $rule($_POST[$field]);
305 $this->$field = $_POST[$field];
306 }
307
308 continue;
309 }
310
311 $result = $this->$rule($_POST[$field], $param);
312 }
313
314 // Did the rule test negatively? If so, grab the error.
315 if ($result === FALSE)
316 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]317 if (! isset($this->_error_messages[$rule]))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]318 {
319 if (FALSE === ($line = $this->CI->lang->line($rule)))
320 {
321 $line = 'Unable to access an error message corresponding to your field name.';
322 }
323 }
324 else
325 {
Derek Allard89bf50f2007-08-14 02:39:04 +0000[diff] [blame]326 $line = $this->_error_messages[$rule];
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]327 }
328
329 // Build the error message
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]330 $mfield = (! isset($this->_fields[$field])) ? $field : $this->_fields[$field];
331 $mparam = (! isset($this->_fields[$param])) ? $param : $this->_fields[$param];
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]332 $message = sprintf($line, $mfield, $mparam);
333
334 // Set the error variable. Example: $this->username_error
335 $error = $field.'_error';
336 $this->$error = $this->_error_prefix.$message.$this->_error_suffix;
337
338 // Add the error to the error array
339 $this->_error_array[] = $message;
340 continue 2;
341 }
342 }
343
344 }
345
346 $total_errors = count($this->_error_array);
347
348 /*
349 * Recompile the class variables
350 *
351 * If any prepping functions were called the $_POST data
352 * might now be different then the corresponding class
353 * variables so we'll set them anew.
354 */
355 if ($total_errors > 0)
356 {
357 $this->_safe_form_data = TRUE;
358 }
359
360 $this->set_fields();
361
362 // Did we end up with any errors?
363 if ($total_errors == 0)
364 {
365 return TRUE;
366 }
367
368 // Generate the error string
369 foreach ($this->_error_array as $val)
370 {
371 $this->error_string .= $this->_error_prefix.$val.$this->_error_suffix."\n";
372 }
373
374 return FALSE;
375 }
376
377 // --------------------------------------------------------------------
378
379 /**
380 * Required
381 *
382 * @access public
383 * @param string
384 * @return bool
385 */
386 function required($str)
387 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]388 if (! is_array($str))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]389 {
390 return (trim($str) == '') ? FALSE : TRUE;
391 }
392 else
393 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]394 return (! empty($str));
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]395 }
396 }
397
398 // --------------------------------------------------------------------
399
400 /**
401 * Match one field to another
402 *
403 * @access public
404 * @param string
405 * @return bool
406 */
407 function matches($str, $field)
408 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]409 if (! isset($_POST[$field]))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]410 {
411 return FALSE;
412 }
413
414 return ($str !== $_POST[$field]) ? FALSE : TRUE;
415 }
416
417 // --------------------------------------------------------------------
418
419 /**
420 * Minimum Length
421 *
422 * @access public
423 * @param string
424 * @return bool
425 */
426 function min_length($str, $val)
427 {
Rick Ellis001e2562007-06-13 22:01:30 +0000[diff] [blame]428 if (preg_match("/[^0-9]/", $val))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]429 {
430 return FALSE;
431 }
432
433 return (strlen($str) < $val) ? FALSE : TRUE;
434 }
435
436 // --------------------------------------------------------------------
437
438 /**
439 * Max Length
440 *
441 * @access public
442 * @param string
443 * @return bool
444 */
445 function max_length($str, $val)
446 {
Rick Ellis001e2562007-06-13 22:01:30 +0000[diff] [blame]447 if (preg_match("/[^0-9]/", $val))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]448 {
449 return FALSE;
450 }
451
452 return (strlen($str) > $val) ? FALSE : TRUE;
453 }
454
455 // --------------------------------------------------------------------
456
457 /**
458 * Exact Length
459 *
460 * @access public
461 * @param string
462 * @return bool
463 */
464 function exact_length($str, $val)
465 {
Rick Ellis001e2562007-06-13 22:01:30 +0000[diff] [blame]466 if (preg_match("/[^0-9]/", $val))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]467 {
468 return FALSE;
469 }
470
471 return (strlen($str) != $val) ? FALSE : TRUE;
472 }
473
474 // --------------------------------------------------------------------
475
476 /**
477 * Valid Email
478 *
479 * @access public
480 * @param string
481 * @return bool
482 */
483 function valid_email($str)
484 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]485 return (! preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE;
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]486 }
487
488 // --------------------------------------------------------------------
489
490 /**
Derek Allardb94b89c2008-04-28 23:18:00 +0000[diff] [blame]491 * Valid Emails
492 *
493 * @access public
494 * @param string
495 * @return bool
496 */
497 function valid_emails($str)
498 {
499 if (strpos($str, ',') === FALSE)
500 {
501 return $this->valid_email(trim($str));
502 }
503
504 foreach(explode(',', $str) as $email)
505 {
506 if (trim($email) != '' && $this->valid_email(trim($email)) === FALSE)
507 {
508 return FALSE;
509 }
510 }
511
512 return TRUE;
513 }
514
515 // --------------------------------------------------------------------
516
517 /**
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]518 * Validate IP Address
519 *
520 * @access public
521 * @param string
522 * @return string
523 */
524 function valid_ip($ip)
525 {
Derek Allard53a9c3f2007-09-18 19:18:53 +0000[diff] [blame]526 return $this->CI->input->valid_ip($ip);
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]527 }
528
529 // --------------------------------------------------------------------
530
531 /**
532 * Alpha
533 *
534 * @access public
535 * @param string
536 * @return bool
537 */
538 function alpha($str)
539 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]540 return (! preg_match("/^([a-z])+$/i", $str)) ? FALSE : TRUE;
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]541 }
542
543 // --------------------------------------------------------------------
544
545 /**
546 * Alpha-numeric
547 *
548 * @access public
549 * @param string
550 * @return bool
551 */
552 function alpha_numeric($str)
553 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]554 return (! preg_match("/^([a-z0-9])+$/i", $str)) ? FALSE : TRUE;
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]555 }
556
557 // --------------------------------------------------------------------
558
559 /**
560 * Alpha-numeric with underscores and dashes
561 *
562 * @access public
563 * @param string
564 * @return bool
565 */
566 function alpha_dash($str)
567 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]568 return (! preg_match("/^([-a-z0-9_-])+$/i", $str)) ? FALSE : TRUE;
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]569 }
570
571 // --------------------------------------------------------------------
572
573 /**
574 * Numeric
575 *
576 * @access public
Derek Allard22cd38b2008-01-22 19:45:03 +0000[diff] [blame]577 * @param string
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]578 * @return bool
579 */
580 function numeric($str)
581 {
Derek Allard20460a62008-01-22 19:40:05 +0000[diff] [blame]582 return (bool)preg_match( '/^[\-+]?[0-9]*\.?[0-9]+$/', $str);
583
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]584 }
585
586 // --------------------------------------------------------------------
Derek Allardeb002ff2008-02-10 20:27:40 +0000[diff] [blame]587
588 /**
589 * Is Numeric
590 *
591 * @access public
592 * @param string
593 * @return bool
594 */
595 function is_numeric($str)
596 {
Derek Allard73274992008-05-05 16:39:18 +0000[diff] [blame]597 return (! is_numeric($str)) ? FALSE : TRUE;
Derek Allardeb002ff2008-02-10 20:27:40 +0000[diff] [blame]598 }
599
600 // --------------------------------------------------------------------
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]601
602 /**
Derek Allard12f9cc82008-01-22 07:21:32 +0000[diff] [blame]603 * Integer
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]604 *
605 * @access public
606 * @param string
607 * @return bool
608 */
Derek Allard12f9cc82008-01-22 07:21:32 +0000[diff] [blame]609 function integer($str)
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]610 {
Derek Allard20460a62008-01-22 19:40:05 +0000[diff] [blame]611 return (bool)preg_match( '/^[\-+]?[0-9]+$/', $str);
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]612 }
613
614 // --------------------------------------------------------------------
615
616 /**
Derek Jones15130ca2008-01-28 15:54:45 +0000[diff] [blame]617 * Valid Base64
618 *
619 * Tests a string for characters outside of the Base64 alphabet
620 * as defined by RFC 2045 http://www.faqs.org/rfcs/rfc2045
621 *
622 * @access public
623 * @param string
624 * @return bool
625 */
626 function valid_base64($str)
627 {
628 return (bool) ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str);
629 }
630
631 // --------------------------------------------------------------------
632
633 /**
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]634 * Set Select
635 *
636 * Enables pull-down lists to be set to the value the user
637 * selected in the event of an error
638 *
639 * @access public
640 * @param string
641 * @param string
642 * @return string
643 */
644 function set_select($field = '', $value = '')
645 {
646 if ($field == '' OR $value == '' OR ! isset($_POST[$field]))
647 {
648 return '';
649 }
650
651 if ($_POST[$field] == $value)
652 {
653 return ' selected="selected"';
654 }
655 }
656
657 // --------------------------------------------------------------------
658
659 /**
660 * Set Radio
661 *
662 * Enables radio buttons to be set to the value the user
663 * selected in the event of an error
664 *
665 * @access public
666 * @param string
667 * @param string
668 * @return string
669 */
670 function set_radio($field = '', $value = '')
671 {
672 if ($field == '' OR $value == '' OR ! isset($_POST[$field]))
673 {
674 return '';
675 }
676
677 if ($_POST[$field] == $value)
678 {
679 return ' checked="checked"';
680 }
681 }
682
683 // --------------------------------------------------------------------
684
685 /**
686 * Set Checkbox
687 *
688 * Enables checkboxes to be set to the value the user
689 * selected in the event of an error
690 *
691 * @access public
692 * @param string
693 * @param string
694 * @return string
695 */
696 function set_checkbox($field = '', $value = '')
697 {
698 if ($field == '' OR $value == '' OR ! isset($_POST[$field]))
699 {
700 return '';
701 }
702
703 if ($_POST[$field] == $value)
704 {
705 return ' checked="checked"';
706 }
707 }
708
709 // --------------------------------------------------------------------
710
711 /**
712 * Prep data for form
713 *
714 * This function allows HTML to be safely shown in a form.
715 * Special characters are converted.
716 *
717 * @access public
718 * @param string
719 * @return string
720 */
Derek Jones07edd4b2008-01-18 19:50:49 +0000[diff] [blame]721 function prep_for_form($data = '')
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]722 {
Derek Jones07edd4b2008-01-18 19:50:49 +0000[diff] [blame]723 if (is_array($data))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]724 {
Derek Jones07edd4b2008-01-18 19:50:49 +0000[diff] [blame]725 foreach ($data as $key => $val)
726 {
727 $data[$key] = $this->prep_for_form($val);
728 }
Derek Jonesd56743b2008-05-12 16:17:58 +0000[diff] [blame]729
730 return $data;
Derek Jones07edd4b2008-01-18 19:50:49 +0000[diff] [blame]731 }
732
733 if ($this->_safe_form_data == FALSE OR $data == '')
734 {
735 return $data;
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]736 }
737
Derek Jones07edd4b2008-01-18 19:50:49 +0000[diff] [blame]738 return str_replace(array("'", '"', '<', '>'), array("&#39;", "&quot;", '&lt;', '&gt;'), stripslashes($data));
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]739 }
740
741 // --------------------------------------------------------------------
742
743 /**
744 * Prep URL
745 *
746 * @access public
747 * @param string
748 * @return string
749 */
750 function prep_url($str = '')
751 {
752 if ($str == 'http://' OR $str == '')
753 {
754 $_POST[$this->_current_field] = '';
755 return;
756 }
757
758 if (substr($str, 0, 7) != 'http://' && substr($str, 0, 8) != 'https://')
759 {
760 $str = 'http://'.$str;
761 }
762
763 $_POST[$this->_current_field] = $str;
764 }
765
766 // --------------------------------------------------------------------
767
768 /**
769 * Strip Image Tags
770 *
771 * @access public
772 * @param string
773 * @return string
774 */
775 function strip_image_tags($str)
776 {
Derek Allard15a34772008-01-29 21:09:26 +0000[diff] [blame]777 $_POST[$this->_current_field] = $this->CI->input->strip_image_tags($str);
Derek Allardd2df9bc2007-04-15 17:41:17 +0000[diff] [blame]778 }
779
780 // --------------------------------------------------------------------
781
782 /**
783 * XSS Clean
784 *
785 * @access public
786 * @param string
787 * @return string
788 */
789 function xss_clean($str)
790 {
791 $_POST[$this->_current_field] = $this->CI->input->xss_clean($str);
792 }
793
794 // --------------------------------------------------------------------
795
796 /**
797 * Convert PHP tags to entities
798 *
799 * @access public
800 * @param string
801 * @return string
802 */
803 function encode_php_tags($str)
804 {
805 $_POST[$this->_current_field] = str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
806 }
807
808}
809// END Validation Class
Derek Jonesd56743b2008-05-12 16:17:58 +0000[diff] [blame]810
811/* End of file Validation.php */
Derek Jonesa3ffbbb2008-05-11 18:18:29 +0000[diff] [blame]812/* Location: ./system/libraries/Validation.php */