OXID eShop CE  4.8.10
 All Classes Files Functions Variables Pages
oxinputvalidator.php
Go to the documentation of this file.
1 <?php
2 
7 class oxInputValidator extends oxSuperCfg
8 {
9 
13  const INVALID_ACCOUNT_NUMBER = -5;
14 
18  const INVALID_BANK_CODE = -4;
19 
25  private static $_instance = null;
26 
32  protected $_aRequiredCCFields = array( 'kktype',
33  'kknumber',
34  'kkmonth',
35  'kkyear',
36  'kkname',
37  'kkpruef'
38  );
39 
45  protected $_aInputValidationErrors = array();
46 
52  protected $_aPossibleCCType = array( 'mcd', // Master Card
53  'vis', // Visa
54  'amx', // American Express
55  'dsc', // Discover
56  'dnc', // Diners Club
57  'jcb', // JCB
58  'swi', // Switch
59  'dlt', // Delta
60  'enr' // EnRoute
61  );
62 
68  protected $_aRequiredDCFields = array( 'lsbankname',
69  'lsktonr',
70  'lsktoinhaber'
71  );
72 
77  public function __construct()
78  {
79  }
80 
88  static function getInstance()
89  {
90  return oxRegistry::get("oxInputValidator");
91  }
92 
102  public function validateBasketAmount( $dAmount )
103  {
104  $dAmount = str_replace( ',', '.', $dAmount );
105 
106  if ( !is_numeric( $dAmount ) || $dAmount < 0) {
110  $oEx = oxNew( 'oxArticleInputException' );
111  $oEx->setMessage('ERROR_MESSAGE_INPUT_INVALIDAMOUNT');
112  throw $oEx;
113  }
114 
115  if ( !oxRegistry::getConfig()->getConfigParam( 'blAllowUnevenAmounts' ) ) {
116  $dAmount = round( ( string ) $dAmount );
117  }
118 
119  //negative amounts are not allowed
120  //$dAmount = abs($dAmount);
121 
122  return $dAmount;
123  }
124 
139  public function checkLogin( $oUser, $sLogin, $aInvAddress )
140  {
141  // check only for users with password during registration
142  // if user wants to change user name - we must check if passwords are ok before changing
143  if ( $oUser->oxuser__oxpassword->value && $sLogin != $oUser->oxuser__oxusername->value ) {
144 
145  // on this case password must be taken directly from request
146  $sNewPass = (isset( $aInvAddress['oxuser__oxpassword']) && $aInvAddress['oxuser__oxpassword'] )?$aInvAddress['oxuser__oxpassword']:oxConfig::getParameter( 'user_password' );
147  if ( !$sNewPass ) {
148 
149  // 1. user forgot to enter password
150  $oEx = oxNew( 'oxInputException' );
151  $oEx->setMessage('ERROR_MESSAGE_INPUT_NOTALLFIELDS');
152 
153  return $this->_addValidationError( "oxuser__oxpassword", $oEx );
154  } else {
155 
156  // 2. entered wrong password
157  if ( !$oUser->isSamePassword( $sNewPass ) ) {
158  $oEx = oxNew( 'oxUserException' );
159  $oEx->setMessage('ERROR_MESSAGE_USER_PWDDONTMATCH');
160 
161  return $this->_addValidationError( "oxuser__oxpassword", $oEx );
162  }
163  }
164  }
165 
166  if ( $oUser->checkIfEmailExists( $sLogin ) ) {
167  //if exists then we do now allow to do that
168  $oEx = oxNew( 'oxUserException' );
169  $oLang = oxRegistry::getLang();
170  $oEx->setMessage( sprintf( $oLang->translateString( 'ERROR_MESSAGE_USER_USEREXISTS', $oLang->getTplLanguage() ), $sLogin ) );
171 
172  return $this->_addValidationError( "oxuser__oxusername", $oEx );
173  }
174  }
175 
185  public function checkEmail( $oUser, $sEmail )
186  {
187  // missing email address (user login name) ?
188  if ( !$sEmail ) {
189  $oEx = oxNew( 'oxInputException' );
190  $oEx->setMessage('ERROR_MESSAGE_INPUT_NOTALLFIELDS');
191 
192  return $this->_addValidationError( "oxuser__oxusername", $oEx );
193  }
194 
195  // invalid email address ?
196  if ( !oxRegistry::getUtils()->isValidEmail( $sEmail ) ) {
197  $oEx = oxNew( 'oxInputException' );
198  $oEx->setMessage( 'ERROR_MESSAGE_INPUT_NOVALIDEMAIL' );
199 
200  return $this->_addValidationError( "oxuser__oxusername", $oEx );
201  }
202  }
203 
215  public function checkPassword( $oUser, $sNewPass, $sConfPass, $blCheckLength = false )
216  {
217  // no password at all
218  if ( $blCheckLength && getStr()->strlen( $sNewPass ) == 0 ) {
219  $oEx = oxNew( 'oxInputException' );
220  $oEx->setMessage('ERROR_MESSAGE_INPUT_EMPTYPASS');
221 
222  return $this->_addValidationError( "oxuser__oxpassword", $oEx );
223  }
224 
225  // password is too short ?
226  if ( $blCheckLength && getStr()->strlen( $sNewPass ) < 6 ) {
227  $oEx = oxNew( 'oxInputException' );
228  $oEx->setMessage('ERROR_MESSAGE_PASSWORD_TOO_SHORT');
229 
230  return $this->_addValidationError( "oxuser__oxpassword", $oEx );
231  }
232 
233  // passwords do not match ?
234  if ( $sNewPass != $sConfPass ) {
235  $oEx = oxNew( 'oxUserException' );
236  $oEx->setMessage('ERROR_MESSAGE_USER_PWDDONTMATCH');
237 
238  return $this->_addValidationError( "oxuser__oxpassword", $oEx );
239  }
240  }
241 
252  public function checkRequiredFields( $oUser, $aInvAddress, $aDelAddress )
253  {
254  // collecting info about required fields
255  $aMustFields = array( 'oxuser__oxfname',
256  'oxuser__oxlname',
257  'oxuser__oxstreetnr',
258  'oxuser__oxstreet',
259  'oxuser__oxzip',
260  'oxuser__oxcity' );
261 
262  // config should override default fields
263  $aMustFillFields = $this->getConfig()->getConfigParam( 'aMustFillFields' );
264  if ( is_array( $aMustFillFields ) ) {
265  $aMustFields = $aMustFillFields;
266  }
267 
268  // assuring data to check
269  $aInvAddress = is_array( $aInvAddress )?$aInvAddress:array();
270  $aDelAddress = is_array( $aDelAddress )?$aDelAddress:array();
271 
272  // collecting fields
273  $aFields = array_merge( $aInvAddress, $aDelAddress );
274 
275 
276  // check delivery address ?
277  $blCheckDel = false;
278  if ( count( $aDelAddress ) ) {
279  $blCheckDel = true;
280  }
281 
282  // checking
283  foreach ( $aMustFields as $sMustField ) {
284 
285  // A. not nice, but we keep all fields info in one config array, and must support backward compatibility.
286  if ( !$blCheckDel && strpos( $sMustField, 'oxaddress__' ) === 0 ) {
287  continue;
288  }
289 
290  if ( isset( $aFields[$sMustField] ) && is_array( $aFields[$sMustField] ) ) {
291  $this->checkRequiredArrayFields( $oUser, $sMustField, $aFields[$sMustField] );
292  } elseif ( !isset( $aFields[$sMustField] ) || !trim( $aFields[$sMustField] ) ) {
293  $oEx = oxNew( 'oxInputException' );
294  $oEx->setMessage('ERROR_MESSAGE_INPUT_NOTALLFIELDS');
295 
296  $this->_addValidationError( $sMustField, $oEx );
297  }
298  }
299  }
300 
310  public function checkRequiredArrayFields( $oUser, $sFieldName, $aFieldValues )
311  {
312  foreach ( $aFieldValues as $sValue ) {
313  if ( !trim( $sValue ) ) {
314  $oEx = oxNew( 'oxInputException' );
315  $oEx->setMessage('ERROR_MESSAGE_INPUT_NOTALLFIELDS');
316 
317  $this->_addValidationError( $sFieldName, $oEx );
318  }
319  }
320  }
321 
331  public function checkCountries( $oUser, $aInvAddress, $aDelAddress )
332  {
333  $sBillCtry = isset( $aInvAddress['oxuser__oxcountryid'] ) ? $aInvAddress['oxuser__oxcountryid'] : null;
334  $sDelCtry = isset( $aDelAddress['oxaddress__oxcountryid'] ) ? $aDelAddress['oxaddress__oxcountryid'] : null;
335 
336  if ( $sBillCtry || $sDelCtry ) {
337  $oDb = oxDb::getDb();
338 
339  if ( ( $sBillCtry == $sDelCtry ) || ( !$sBillCtry && $sDelCtry ) || ( $sBillCtry && !$sDelCtry ) ) {
340  $sBillCtry = $sBillCtry ? $sBillCtry : $sDelCtry;
341  $sQ = "select oxactive from oxcountry where oxid = ".$oDb->quote( $sBillCtry )." ";
342  } else {
343  $sQ = "select ( select oxactive from oxcountry where oxid = ".$oDb->quote( $sBillCtry )." ) and
344  ( select oxactive from oxcountry where oxid = ".$oDb->quote( $sDelCtry )." ) ";
345  }
346 
347  if ( !$oDb->getOne( $sQ ) ) {
348  $oEx = oxNew( 'oxUserException' );
349  $oEx->setMessage('ERROR_MESSAGE_INPUT_NOTALLFIELDS' );
350 
351  $this->_addValidationError( "oxuser__oxpassword", $oEx );
352  }
353  }
354  }
355 
365  public function checkVatId( $oUser, $aInvAddress )
366  {
367  if ( $aInvAddress['oxuser__oxustid'] ) {
368 
369  if (!($sCountryId = $aInvAddress['oxuser__oxcountryid'])) {
370  // no country
371  return;
372  }
373  $oCountry = oxNew('oxCountry');
374 
375  if ( $oCountry->load( $sCountryId ) && $oCountry->isInEU() ) {
376 
377  if ( strncmp( $aInvAddress['oxuser__oxustid'], $oCountry->getVATIdentificationNumberPrefix(), 2 ) ) {
378  $oEx = oxNew( 'oxInputException' );
379  $oEx->setMessage( 'VAT_MESSAGE_ID_NOT_VALID' );
380  return $this->_addValidationError( "oxuser__oxustid", $oEx );
381  }
382 
383  }
384  }
385  }
386 
392  public function getFieldValidationErrors()
393  {
394  return $this->_aInputValidationErrors;
395  }
396 
402  public function getFirstValidationError()
403  {
404  $oErr = null;
405  $aErr = reset( $this->_aInputValidationErrors );
406  if ( is_array( $aErr ) ) {
407  $oErr = reset( $aErr );
408  }
409  return $oErr;
410  }
411 
420  public function validatePaymentInputData( $sPaymentId, & $aDynValue )
421  {
422  $mxValidationResult = true;
423 
424  switch( $sPaymentId ) {
425  case 'oxidcreditcard':
426  $mxValidationResult = false;
427 
428  $blAllCreditCardInformationSet = $this->_isAllBankInformationSet( $this->_aRequiredCCFields, $aDynValue );
429  $blCreditCardTypeExist = in_array( $aDynValue['kktype'], $this->_aPossibleCCType );
430 
431  if ( $blAllCreditCardInformationSet && $blCreditCardTypeExist ) {
432  $oCardValidator = oxNew( "oxccvalidator" );
433  $mxValidationResult = $oCardValidator->isValidCard(
434  $aDynValue['kknumber'],
435  $aDynValue['kktype'],
436  $aDynValue['kkmonth'].substr( $aDynValue['kkyear'], 2, 2 )
437  );
438  }
439  break;
440 
441  case "oxiddebitnote":
442  $mxValidationResult = false;
443 
444  if ( $this->_isAllBankInformationSet( $this->_aRequiredDCFields, $aDynValue ) ) {
445  $mxValidationResult = $this->_validateDebitNote( $aDynValue );
446  }
447 
448  break;
449  }
450 
451  return $mxValidationResult;
452  }
453 
463  protected function _addValidationError( $sFieldName, $oErr )
464  {
465  return $this->_aInputValidationErrors[$sFieldName][] = $oErr;
466  }
467 
473  protected function _validateDebitNote( $aDebitInformation )
474  {
475  $aDebitInformation = $this->_cleanDebitInformation( $aDebitInformation );
476  $sBankCode = $aDebitInformation['lsblz'];
477  $sAccountNumber = $aDebitInformation['lsktonr'];
478  $oSepaValidator = oxNew( "oxSepaValidator" );
479 
480  if ( empty( $sBankCode ) || $oSepaValidator->isValidBIC( $sBankCode ) ) {
481  $mxValidationResult = true;
482  if ( !$oSepaValidator->isValidIBAN( $sAccountNumber ) ) {
483  $mxValidationResult = self::INVALID_ACCOUNT_NUMBER;
484  }
485  } else {
486  $mxValidationResult = self::INVALID_BANK_CODE;
487  if ( !oxRegistry::getConfig()->getConfigParam( 'blSkipDebitOldBankInfo' ) ) {
488  $mxValidationResult = $this->_validateOldDebitInfo( $aDebitInformation );
489  }
490  }
491 
492  return $mxValidationResult;
493  }
494 
499  protected function _validateOldDebitInfo( $aDebitInfo )
500  {
501  $oStr = getStr();
502  $aDebitInfo = $this->_fixAccountNumber( $aDebitInfo );
503 
504  $mxValidationResult = true;
505 
506  if ( !$oStr->preg_match( "/^\d{5,8}$/", $aDebitInfo['lsblz'] ) ) {
507  // Bank code is invalid
508  $mxValidationResult = self::INVALID_BANK_CODE;
509  }
510 
511  if ( true === $mxValidationResult && !$oStr->preg_match( "/^\d{10,12}$/", $aDebitInfo['lsktonr'] ) ) {
512  // Account number is invalid
513  $mxValidationResult = self::INVALID_ACCOUNT_NUMBER;
514  }
515 
516 
517  return $mxValidationResult;
518  }
519 
525  protected function _fixAccountNumber( $aDebitInfo )
526  {
527  $oStr = getStr();
528 
529  if ( $oStr->strlen( $aDebitInfo['lsktonr'] ) < 10 ) {
530  $sNewNum = str_repeat(
531  '0', 10 - $oStr->strlen( $aDebitInfo['lsktonr'] )
532  ) . $aDebitInfo['lsktonr'];
533  $aDebitInfo['lsktonr'] = $sNewNum;
534  }
535 
536  return $aDebitInfo;
537  }
538 
545  protected function _isAllBankInformationSet( $aRequiredFields, $aBankInformation )
546  {
547  $blResult = true;
548  foreach ( $aRequiredFields as $sFieldName ) {
549  if ( !isset( $aBankInformation[$sFieldName] ) || !trim( $aBankInformation[$sFieldName] ) ) {
550  $blResult = false;
551  break;
552  }
553  }
554 
555  return $blResult;
556  }
557 
563  protected function _cleanDebitInformation( $aDebitInformation )
564  {
565  $aDebitInformation['lsblz'] = str_replace( ' ', '', $aDebitInformation['lsblz'] );
566  $aDebitInformation['lsktonr'] = str_replace( ' ', '', $aDebitInformation['lsktonr'] );
567 
568  return $aDebitInformation;
569  }
570 
579  private function _isVATIdentificationNumberInvalid( $aInvAddress, $oCountry )
580  {
581  return (bool) strncmp( $aInvAddress['oxuser__oxustid'], $oCountry->getVATIdentificationNumberPrefix(), 2 );
582  }
583 
587  protected function _getVatIdValidator()
588  {
589  $oVatCheck = oxNew( 'oxOnlineVatIdCheck' );
590 
591  return $oVatCheck;
592  }
593 }