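_hsc = $hsc;
        // NOTE(review): the start of this constructor is not part of this copy;
        // its visible statements are kept exactly as found.
        $this->_name = $name;
        // NOTE(review): the anti-CSRF token depends only on the clock second, the
        // form name and FORM_SECRET. It is not tied to the visitor's session, so
        // its unpredictability rests entirely on FORM_SECRET staying secret. A
        // per-session value from a CSPRNG (random_bytes() on PHP 7+) would be the
        // stronger construction.
        $this->_key = md5(time().$name.FORM_SECRET);
        $this->errors = new Errors();
    }

    /**
     * HTML-escape a value, descending into arrays of any depth.
     *
     * Array keys are escaped as well as values. htmlspecialchars() is called
     * with its default flags, as everywhere else in this class; before PHP 8.1
     * those defaults leave single quotes unescaped.
     *
     * @param mixed $value scalar or (nested) array
     * @return mixed the escaped copy
     */
    function _escapeDeep($value)
    {
        if (!is_array($value)) {
            return htmlspecialchars($value);
        }
        $escaped = array();
        foreach ($value as $k => $v) {
            $escaped[htmlspecialchars($k)] = $this->_escapeDeep($v);
        }
        return $escaped;
    }

    /**
     * Escape every stored key and value once, when escaping is enabled.
     *
     * The store is rebuilt rather than patched in place: writing the escaped
     * entry next to the original left the raw key/value pair behind whenever
     * the key itself contained a character that gets escaped, and get() with
     * no argument would then hand that raw pair back. Arrays nested deeper
     * than one level are escaped too instead of being passed to
     * htmlspecialchars() as arrays.
     */
    function escapeAll()
    {
        if ($this->_hsc && !$this->_hsced) {
            if (is_array($this->_vals)) {
                $this->_vals = $this->_escapeDeep($this->_vals);
            }
            $this->_hsced = true;
        }
    }

    /**
     * Replace the stored values wholesale. No escaping is applied here.
     *
     * @param array $vals
     */
    function setVals($vals)
    {
        $this->_vals = $vals;
    }

    /**
     * Load submitted data and check the anti-CSRF token it carries.
     *
     * The values are stored and escaped first; the token is then read from
     * the raw $post array. A missing, non-string or mismatching token adds an
     * error to $this->errors; nothing is thrown.
     *
     * @param array $post submitted fields, expected to contain '_key'
     */
    function setPost($post)
    {
        $this->setVals($post);
        $this->_hsced = false;
        $this->escapeAll();

        $submitted = isset($post['_key']) ? $post['_key'] : null;
        if (!is_string($submitted)) {
            // An array or missing value can never be the token.
            $keyOk = false;
        } elseif (function_exists('hash_equals')) {
            // Constant-time comparison where the runtime provides it.
            $keyOk = hash_equals((string) $this->_key, $submitted);
        } else {
            // Strict comparison: loose != treats numeric-looking hex strings
            // such as "0e12..." as numbers and can call different tokens equal.
            $keyOk = ($submitted === $this->_key);
        }

        if (!$keyOk) {
            $this->errors->add('Sorry, this form has expired. Please re-submit your data in a timely manner. If you did not intend to submit this form, you may have been the victim of a CSRF attempt.');
        }
    }

    /**
     * Store one value, escaping key and value when escaping is enabled.
     *
     * For an array value the elements are escaped one by one and re-indexed;
     * the array's own keys are not kept.
     *
     * @param string $key
     * @param mixed  $val scalar or flat array
     */
    function set($key,$val)
    {
        if (!$this->_hsc) {
            $this->_vals[$key] = $val;
            return;
        }

        $key = htmlspecialchars($key);
        if (!is_array($val)) {
            $this->_vals[$key] = htmlspecialchars($val);
            return;
        }

        $this->_vals[$key] = array();
        foreach ($val as $v) {
            $this->_vals[$key][] = htmlspecialchars($v);
        }
    }

    /**
     * Return one stored value, or all of them when $key is NULL.
     *
     * With escaping enabled the lookup uses the escaped form of $key, which
     * is the form set() and escapeAll() store under. A field that is not
     * present yields NULL without raising an undefined-index notice.
     *
     * @param string|null $key
     * @return mixed
     */
    function get($key=NULL)
    {
        if ($key === NULL) {
            return $this->_vals;
        }
        $lookup = $this->_hsc ? htmlspecialchars($key) : $key;
        return isset($this->_vals[$lookup]) ? $this->_vals[$lookup] : NULL;
    }

    /**
     * Remove a stored value.
     *
     * With escaping enabled the entry stored under the escaped key is removed
     * as well, so del() reaches the same entry get() would return.
     *
     * @param string $key
     */
    function del($key)
    {
        if (isset($this->_vals[$key])) {
            unset($this->_vals[$key]);
        }
        if ($this->_hsc) {
            $escapedKey = htmlspecialchars($key);
            if (isset($this->_vals[$escapedKey])) {
                unset($this->_vals[$escapedKey]);
            }
        }
    }

    /**
     * Store this form object in the global $session under 'form-<name>'.
     */
    function save()
    {
        global $session;
        $session->set('form-'.$this->_name,$this);
    }

    /**
     * Return the form saved in the session under 'form-<name>', or a new Form.
     *
     * @param string $name
     * @return Form
     */
    function load($name)
    {
        global $session;
        if ($session->get('form-'.$name)) {
            return $session->get('form-'.$name);
        }
        return new Form($name);
    }

    /**
     * Drop all stored values and delete the saved copy from the session.
     */
    function clear()
    {
        global $session;
        $this->_vals = array();
        if ($session->get('form-'.$this->_name) != null) {
            $session->delete('form-'.$this->_name);
        }
    }

    /**
     * Turn escaping on or off for later set()/get()/escapeAll() calls.
     * Values already stored are not touched.
     *
     * @param bool $which
     */
    function setHsc($which=true)
    {
        $this->_hsc = $which;
    }

    // form inputs/*{{{*/
    // NOTE(review): the builders below return empty or truncated strings in this
    // copy; the markup they presumably produced is missing. Confirm against the
    // original file before relying on them.
    function inputText($name,$extras='')
    {
        return '';
    }

    function inputCheckbox($name,$value,$extras='') { return 'get($name)) && 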
array_search($value,$this->get($name)) !== false ? ' checked' : '').'/>'; } function inputTextArea($name,$extras='') { return ''; } function inputSelect($name,$values,$extras='') { $return = ''; return $return; } function inputPassword($name,$extras='') { return ''; } function inputHidden($name,$value='') { return ''; } function formTag($name,$action='',$method='post',$other='') { return '
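'."\n".$this->inputHidden('_key',$this->_key)."\n";
    }
    /*}}}*/

    // validators/*{{{*/

    /**
     * Register a validator for a field. Validators are keyed by field name,
     * so registering a second one for the same name replaces the first.
     *
     * @param string $name     field name
     * @param string $type     'regex', or the suffix of a validate<Type>() method
     * @param string $error    message added to $this->errors on failure
     * @param bool   $required whether an empty value is a failure
     * @param string $regex    pattern used when $type is 'regex'
     */
    function addValidator($name,$type,$error,$required=false,$regex='')
    {
        $this->_validators[$name] = array(
            'type'     => $type,
            'error'    => $error,
            'regex'    => $regex,
            'required' => $required,
        );
    }

    /**
     * Read a field as a string for validation.
     *
     * Submitted data can turn any field into an array (name[]=...). Such a
     * value is reported as FALSE so callers can reject it, instead of being
     * passed to preg_match()/strlen(), which raise a TypeError for arrays on
     * PHP 8. A missing field reads as ''.
     *
     * @param string $name
     * @return string|false
     */
    function _fieldString($name)
    {
        $value = $this->get($name);
        if ($value === null) {
            return '';
        }
        if (is_array($value) || is_object($value)) {
            return false;
        }
        return (string) $value;
    }

    /**
     * Run every registered validator and report whether the form is clean.
     *
     * Each failure adds the validator's message to $this->errors. The result
     * is taken from $this->errors as a whole, so errors added before this
     * call count as well. Values are read through get(), so with escaping
     * enabled the validators see the HTML-escaped form of each value.
     *
     * @return bool TRUE when $this->errors reports no errors
     */
    function validates()
    {
        foreach ($this->_validators as $name => $v) {
            if ($v['type'] == 'regex') {
                $value = $this->_fieldString($name);
                if ($value === false || !preg_match($v['regex'], $value)) {
                    $this->errors->add($v['error']);
                }
                continue;
            }

            // Dispatches to validate<Type>(); $type comes from addValidator().
            $valfuncname = 'validate'.capitalize($v['type']);
            if (!$this->$valfuncname($name, $v['required'])) {
                $this->errors->add($v['error']);
            }
        }
        return !$this->errors->errorsExist();
    }

    /**
     * Digits only. An empty value passes only when the field is not required.
     *
     * The previous pattern /^\d*$/ matched the empty string, so $required was
     * never enforced, and "$" also accepted a trailing newline.
     */
    function validateInteger($name,$required)
    {
        $value = $this->_fieldString($name);
        if ($value === false) {
            return false;
        }
        if ($value === '') {
            return !$required;
        }
        return preg_match('/^\d+\z/', $value) === 1;
    }

    /**
     * Unsigned decimal number such as "1", "1.", "1.5" or ".5".
     *
     * At least one digit is required: the previous pattern also matched ''
     * and a lone ".", which defeated $required.
     */
    function validateFloat($name,$required)
    {
        $value = $this->_fieldString($name);
        if ($value === false) {
            return false;
        }
        if ($value === '') {
            return !$required;
        }
        return preg_match('/^(?:\d+\.?\d*|\.\d+)\z/', $value) === 1;
    }

    /**
     * Loose shape check: something@something.something.
     *
     * Carriage returns and line feeds are rejected and the match is anchored
     * with \z, so an accepted address cannot carry a line break into a place
     * where line breaks are significant (a mail header, for example).
     */
    function validateEmail($name,$required)
    {
        $value = $this->_fieldString($name);
        if ($value === false) {
            return false;
        }
        if ($value === '') {
            return !$required;
        }
        return preg_match('/^[^\r\n]+@[^\r\n]+\.[^\r\n]+\z/', $value) === 1;
    }

    /**
     * At least 10 bytes long and free of ASCII letters.
     */
    function validatePhone($name,$required)
    {
        $value = $this->_fieldString($name);
        if ($value === false) {
            return false;
        }
        if ($value === '') {
            return !$required;
        }
        return !preg_match('/[a-zA-Z]/', $value) && strlen($value) >= 10;
    }

    /**
     * The field must hold something; $required is not consulted.
     * The loose comparison is kept so that array values (checkbox groups)
     * continue to count as present.
     */
    function validateNotnull($name,$required)
    {
        return ($this->get($name) != '');
    }

    /**
     * The field must equal its "<name>_match" companion.
     *
     * Both values are compared as strings with ===. Loose == compares
     * numeric-looking strings as numbers, so "1e3" and "1000" counted as a
     * match. Two empty values pass only when the field is not required.
     */
    function validateMatch($name,$required)
    {
        $value   = $this->_fieldString($name);
        $confirm = $this->_fieldString($name.'_match');
        if ($value === false || $confirm === false) {
            return false;
        }
        if ($value === '') {
            return ($confirm === '' && !$required);
        }
        return $value === $confirm;
    }
    /*}}}*/
}
?>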