setup/lib/validate.lib.php

   1 <?php
   2 /**
   3  * Various validation functions
   4  *
   5  * Validation function takes two argument: id for which it is called
   6  * and array of fields' values (usually values for entire formset, as defined
   7  * in forms.inc.php).
   8  * The function must always return an array with an error (or error array)
   9  * assigned to a form element (formset name or field path). Even if there are
  10  * no errors, key must be set with an empty value.
  11  *
  12  * Valdiation functions are assigned in $cfg_db['_validators'] (config_info.inc.php).
  13  *
  14  * @package    phpMyAdmin-setup
  15  * @license    http://www.gnu.org/licenses/gpl.html GNU GPL 2.0
  16  * @version    $Id$
  17  */
  18
  19 /**
  20  * Runs validation $validator_id on values $values and returns error list.
  21  *
  22  * Return values:
  23  * o array, keys - field path or formset id, values - array of errors
  24  *   when $isPostSource is true values is an empty array to allow for error list
  25  *   cleanup in HTML documen
  26  * o false - when no validators match name(s) given by $validator_id
  27  *
  28  * @param string|array  $validator_id
  29  * @param array         $values
  30  * @param bool          $isPostSource  tells whether $values are directly from POST request
  31  * @return bool|array
  32  */
  33 function validate($validator_id, &$values, $isPostSource)
  34 {
  35     // find validators
  36     $cf = ConfigFile::getInstance();
  37     $validator_id = (array) $validator_id;
  38     $validators = $cf->getDbEntry('_validators');
  39     $vids = array();
  40     foreach ($validator_id as &$vid) {
  41         $vid = $cf->getCanonicalPath($vid);
  42         if (isset($validators[$vid])) {
  43             $vids[] = $vid;
  44         }
  45     }
  46     if (empty($vids)) {
  47         return false;
  48     }
  49
  50     // create argument list with canonical paths and remember path mapping
  51     $arguments = array();
  52     $key_map = array();
  53     foreach ($values as $k => $v) {
  54         $k2 = $isPostSource ? str_replace('-', '/', $k) : $k;
  55         $k2 = strpos($k2, '/') ? $cf->getCanonicalPath($k2) : $k2;
  56         $key_map[$k2] = $k;
  57         $arguments[$k2] = $v;
  58     }
  59
  60     // validate
  61     $result = array();
  62     foreach ($vids as $vid) {
  63         $r = call_user_func($validators[$vid], $vid, $arguments);
  64         // merge results
  65         if (is_array($r)) {
  66             foreach ($r as $key => $error_list) {
  67                 // skip empty values if $isPostSource is false
  68                 if (!$isPostSource && empty($error_list)) {
  69                     continue;
  70                 }
  71                 if (!isset($result[$key])) {
  72                     $result[$key] = array();
  73                 }
  74                 $result[$key] = array_merge($result[$key], (array)$error_list);
  75             }
  76         }
  77     }
  78
  79     // restore original paths
  80     $new_result = array();
  81     foreach ($result as $k => $v) {
  82         $k2 = isset($key_map[$k]) ? $key_map[$k] : $k;
  83         $new_result[$k2] = $v;
  84     }
  85     return empty($new_result) ? true : $new_result;
  86 }
  87
  88 /**
  89  * Ensures that $php_errormsg variable will be registered in case of an error
  90  * and enables output buffering (when $start = true).
  91  * Called with $start = false disables output buffering end restores
  92  * html_errors and track_errors.
  93  *
  94  * @param boolean $start
  95  */
  96 function test_php_errormsg($start = true)
  97 {
  98     static $old_html_errors, $old_track_errors;
  99     if ($start) {
 100         $old_html_errors = ini_get('html_errors');
 101         $old_track_errors = ini_get('track_errors');
 102         ini_set('html_errors', false);
 103         ini_set('track_errors', true);
 104         ob_start();
 105     } else {
 106         ob_end_clean();
 107         ini_set('html_errors', $old_html_errors);
 108         ini_set('track_errors', $old_track_errors);
 109     }
 110 }
 111
 112 /**
 113  * Test database connection
 114  *
 115  * @param string $extension     'mysql' or 'mysqli'
 116  * @param string $connect_type  'tcp' or 'socket'
 117  * @param string $host
 118  * @param string $port
 119  * @param string $socket
 120  * @param string $user
 121  * @param string $pass
 122  * @param string $error_key
 123  * @return bool|array
 124  */
 125 function test_db_connection($extension, $connect_type, $host, $port, $socket, $user, $pass = null, $error_key = 'Server')
 126 {
 127     //    test_php_errormsg();
 128     $socket = empty($socket) || $connect_type == 'tcp' ? null : ':' . $socket;
 129     $port = empty($port) || $connect_type == 'socket' ? null : ':' . $port;
 130     $error = null;
 131     if ($extension == 'mysql') {
 132         $conn = @mysql_connect($host . $socket . $port, $user, $pass);
 133         if (!$conn) {
 134             $error = PMA_lang('error_connection');
 135         } else {
 136             mysql_close($conn);
 137         }
 138     } else {
 139         $conn = @mysqli_connect($host, $user, $pass, null, $port, $socket);
 140         if (!$conn) {
 141             $error = PMA_lang('error_connection');
 142         } else {
 143             mysqli_close($conn);
 144         }
 145     }
 146     //    test_php_errormsg(false);
 147     if (isset($php_errormsg)) {
 148         $error .= " - $php_errormsg";
 149     }
 150     return is_null($error) ? true : array($error_key => $error);
 151 }
 152
 153 /**
 154  * Validate server config
 155  *
 156  * @param string $path
 157  * @param array  $values
 158  * @return array
 159  */
 160 function validate_server($path, $values)
 161 {
 162     $result = array('Server' => '', 'Servers/1/user' => '', 'Servers/1/SignonSession' => '', 'Servers/1/SignonURL' => '');
 163     $error = false;
 164     if ($values['Servers/1/auth_type'] == 'config' && empty($values['Servers/1/user'])) {
 165         $result['Servers/1/user'] = PMA_lang('error_empty_user_for_config_auth');
 166         $error = true;
 167     }
 168     if ($values['Servers/1/auth_type'] == 'signon' && empty($values['Servers/1/SignonSession'])) {
 169         $result['Servers/1/SignonSession'] = PMA_lang('error_empty_signon_session');
 170         $error = true;
 171     }
 172     if ($values['Servers/1/auth_type'] == 'signon' && empty($values['Servers/1/SignonURL'])) {
 173         $result['Servers/1/SignonURL'] = PMA_lang('error_empty_signon_url');
 174         $error = true;
 175     }
 176
 177     if (!$error && $values['Servers/1/auth_type'] == 'config') {
 178         $password = $values['Servers/1/nopassword'] ? null : $values['Servers/1/password'];
 179         $test = test_db_connection($values['Servers/1/extension'], $values['Servers/1/connect_type'], $values['Servers/1/host'], $values['Servers/1/port'], $values['Servers/1/socket'], $values['Servers/1/user'], $password, 'Server');
 180         if ($test !== true) {
 181             $result = array_merge($result, $test);
 182         }
 183     }
 184     return $result;
 185 }
 186
 187 /**
 188  * Validate pmadb config
 189  *
 190  * @param string $path
 191  * @param array  $values
 192  * @return array
 193  */
 194 function validate_pmadb($path, $values)
 195 {
 196     $tables = array('Servers/1/bookmarktable', 'Servers/1/relation', 'Servers/1/table_info', 'Servers/1/table_coords', 'Servers/1/pdf_pages', 'Servers/1/column_info', 'Servers/1/history', 'Servers/1/designer_coords');
 197     $result = array('Server_pmadb' => '', 'Servers/1/controluser' => '', 'Servers/1/controlpass' => '');
 198     $error = false;
 199
 200     if ($values['Servers/1/pmadb'] == '') {
 201         return $result;
 202     }
 203
 204     $result = array();
 205     if ($values['Servers/1/controluser'] == '') {
 206         $result['Servers/1/controluser'] = PMA_lang('error_empty_pmadb_user');
 207         $error = true;
 208     }
 209     if ($values['Servers/1/controlpass'] == '') {
 210         $result['Servers/1/controlpass'] = PMA_lang('error_empty_pmadb_password');
 211         $error = true;
 212     }
 213     if (!$error) {
 214         $test = test_db_connection($values['Servers/1/extension'], $values['Servers/1/connect_type'], $values['Servers/1/host'], $values['Servers/1/port'], $values['Servers/1/socket'], $values['Servers/1/controluser'], $values['Servers/1/controlpass'], 'Server_pmadb');
 215         if ($test !== true) {
 216             $result = array_merge($result, $test);
 217         }
 218     }
 219     return $result;
 220 }
 221
 222
 223 /**
 224  * Validates regular expression
 225  *
 226  * @param string $path
 227  * @param array  $values
 228  * @return array
 229  */
 230 function validate_regex($path, $values)
 231 {
 232     $result = array($path => '');
 233
 234     if ($values[$path] == '') {
 235         return $result;
 236     }
 237
 238     test_php_errormsg();
 239
 240     $matches = array();
 241     preg_match($values[$path], '', $matches);
 242     ob_end_clean();
 243
 244     test_php_errormsg(false);
 245
 246     if (isset($php_errormsg)) {
 247         $error = preg_replace('/^preg_match\(\): /', '', $php_errormsg);
 248         return array($path => $error);
 249     }
 250
 251     return $result;
 252 }
 253
 254 /**
 255  * Validates TrustedProxies field
 256  *
 257  * @param string $path
 258  * @param array  $values
 259  * @return array
 260  */
 261 function validate_trusted_proxies($path, $values)
 262 {
 263     $result = array($path => array());
 264
 265     if (empty($values[$path])) {
 266         return $result;
 267     }
 268
 269     if (is_array($values[$path])) {
 270         // value already processed by FormDisplay::save
 271         $lines = array();
 272         foreach ($values[$path] as $ip => $v) {
 273             $lines[] = preg_match('/^-\d+$/', $ip)
 274                 ? $v
 275                 : $ip . ': ' . $v;
 276         }
 277     } else {
 278         // AJAX validation
 279         $lines = explode("\n", $values[$path]);
 280     }
 281     foreach ($lines as $line) {
 282         $line = trim($line);
 283         $matches = array();
 284         // we catch anything that may (or may not) be an IP
 285         if (!preg_match("/^(.+):(?:[ ]?)\\w+$/", $line, $matches)) {
 286             $result[$path][] = PMA_lang('error_incorrect_value') . ': ' . $line;
 287             continue;
 288         }
 289         // now let's check whether we really have an IP address
 290         if (filter_var($matches[1], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false
 291             && filter_var($matches[1], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) {
 292             $ip = htmlspecialchars(trim($matches[1]));
 293             $result[$path][] = PMA_lang('error_incorrect_ip_address', $ip);
 294             continue;
 295         }
 296     }
 297
 298     return $result;
 299 }
 300
 301
 302 /**
 303  * Tests integer value
 304  *
 305  * @param string $path
 306  * @param array  $values
 307  * @param bool   $allow_neg       allow negative values
 308  * @param bool   $allow_zero      allow zero
 309  * @param int    $max_value       max allowed value
 310  * @param string $error_lang_key  error message key: $GLOBALS["strSetup$error_lang_key"]
 311  * @return string  empty string if test is successful
 312  */
 313 function test_number($path, $values, $allow_neg, $allow_zero, $max_value, $error_lang_key)
 314 {
 315     if ($values[$path] === '') {
 316         return '';
 317     }
 318
 319     if (intval($values[$path]) != $values[$path] || (!$allow_neg && $values[$path] < 0) || (!$allow_zero && $values[$path] == 0) || $values[$path] > $max_value) {
 320         return PMA_lang($error_lang_key);
 321     }
 322
 323     return '';
 324 }
 325
 326 /**
 327  * Validates port number
 328  *
 329  * @param string $path
 330  * @param array  $values
 331  * @return array
 332  */
 333 function validate_port_number($path, $values)
 334 {
 335     return array($path => test_number($path, $values, false, false, 65536, 'error_incorrect_port'));
 336 }
 337
 338 /**
 339  * Validates positive number
 340  *
 341  * @param string $path
 342  * @param array  $values
 343  * @return array
 344  */
 345 function validate_positive_number($path, $values)
 346 {
 347     return array($path => test_number($path, $values, false, false, PHP_INT_MAX, 'error_nan_p'));
 348 }
 349
 350 /**
 351  * Validates non-negative number
 352  *
 353  * @param string $path
 354  * @param array  $values
 355  * @return array
 356  */
 357 function validate_non_negative_number($path, $values)
 358 {
 359     return array($path => test_number($path, $values, false, true, PHP_INT_MAX, 'error_nan_nneg'));
 360 }
 361 ?>