oxinputvalidator.php

00001 <?php
00002 
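/**
 * Validates shop input: basket amounts, login / e-mail / password data,
 * address fields, countries, VAT ids and payment details.
 *
 * validateBasketAmount() throws on bad input. The check*() methods instead
 * record an exception object under a field name; read them back with
 * getFieldValidationErrors() or getFirstValidationError().
 */
class oxInputValidator extends oxSuperCfg
{
    /**
     * Result code for a debit note whose account number failed validation.
     * Non-zero and therefore truthy: compare validation results with === true.
     */
    const INVALID_ACCOUNT_NUMBER = -5;

    /**
     * Result code for a debit note whose bank code failed validation.
     * Non-zero and therefore truthy: compare validation results with === true.
     */
    const INVALID_BANK_CODE = -4;

    /**
     * Not referenced by any method of this class; getInstance() goes through
     * oxRegistry instead.
     *
     * @var oxInputValidator|null
     */
    private static $_instance = null;

    /**
     * Fields that must be filled in for a credit card payment.
     *
     * @var array
     */
    protected $_aRequiredCCFields = array(
        'kktype',
        'kknumber',
        'kkmonth',
        'kkyear',
        'kkname',
        'kkpruef',
    );

    /**
     * Recorded validation errors: field name => list of exception objects.
     *
     * @var array
     */
    protected $_aInputValidationErrors = array();

    /**
     * Credit card type codes accepted by validatePaymentInputData().
     *
     * @var array
     */
    protected $_aPossibleCCType = array(
        'mcd', // Master Card
        'vis', // Visa
        'amx', // American Express
        'dsc', // Discover
        'dnc', // Diners Club
        'jcb', // JCB
        'swi', // Switch
        'dlt', // Delta
        'enr', // EnRoute
    );

    /**
     * Fields that must be filled in for a debit note payment. The bank code
     * ('lsblz') is not in this list, so it may be left empty.
     *
     * @var array
     */
    protected $_aRequiredDCFields = array(
        'lsbankname',
        'lsktonr',
        'lsktoinhaber',
    );

    /**
     * Empty constructor.
     */
    public function __construct()
    {
    }

    /**
     * Returns what oxRegistry::get() provides for "oxInputValidator".
     *
     * @return oxInputValidator
     */
    public static function getInstance()
    {
        return oxRegistry::get( 'oxInputValidator' );
    }

    /**
     * Normalises and validates a basket amount.
     *
     * A decimal comma is turned into a dot. Non-numeric, non-finite and
     * negative amounts are rejected. Unless the config parameter
     * 'blAllowUnevenAmounts' is set, the amount is rounded to a whole number.
     *
     * @param mixed $dAmount amount as submitted
     *
     * @throws oxArticleInputException when the amount is not acceptable
     *
     * @return mixed rounded float, or the normalised input when uneven
     *               amounts are allowed
     */
    public function validateBasketAmount( $dAmount )
    {
        $dAmount = str_replace( ',', '.', $dAmount );

        // is_numeric() also accepts exponent notation such as "1e999", which
        // converts to INF, so the amount must additionally be finite.
        if ( !is_numeric( $dAmount ) || !is_finite( (float) $dAmount ) || $dAmount < 0 ) {
            $oEx = oxNew( 'oxArticleInputException' );
            $oEx->setMessage( 'ERROR_MESSAGE_INPUT_INVALIDAMOUNT' );
            throw $oEx;
        }

        if ( !oxRegistry::getConfig()->getConfigParam( 'blAllowUnevenAmounts' ) ) {
            $dAmount = round( (string) $dAmount );
        }

        // negative amounts are rejected above, never converted to positive ones
        return $dAmount;
    }

    /**
     * Checks a login name change and whether the login name is already taken.
     *
     * When the user already has a password and the login name differs from the
     * stored one, the current password must be supplied and must match.
     *
     * @param oxUser $oUser       user being edited
     * @param string $sLogin      requested login name
     * @param array  $aInvAddress submitted invoice address fields
     *
     * @return object|null the recorded exception, or null when nothing failed
     */
    public function checkLogin( $oUser, $sLogin, $aInvAddress )
    {
        // Both sides are compared as strings: a loose != treats numeric-looking
        // strings such as "1e3" and "1000" as equal, and the password
        // confirmation below would then not run for a changed login name.
        if ( $oUser->oxuser__oxpassword->value
             && (string) $sLogin !== (string) $oUser->oxuser__oxusername->value ) {

            // the password is taken from the submitted address fields, falling
            // back to the 'user_password' request parameter
            $sNewPass = ( isset( $aInvAddress['oxuser__oxpassword'] ) && $aInvAddress['oxuser__oxpassword'] )
                ? $aInvAddress['oxuser__oxpassword']
                : oxConfig::getParameter( 'user_password' );

            // 1. no password was entered
            if ( !$sNewPass ) {
                $oEx = oxNew( 'oxInputException' );
                $oEx->setMessage( 'ERROR_MESSAGE_INPUT_NOTALLFIELDS' );

                return $this->_addValidationError( 'oxuser__oxpassword', $oEx );
            }

            // 2. the entered password is wrong
            if ( !$oUser->isSamePassword( $sNewPass ) ) {
                $oEx = oxNew( 'oxUserException' );
                $oEx->setMessage( 'ERROR_MESSAGE_USER_PWDDONTMATCH' );

                return $this->_addValidationError( 'oxuser__oxpassword', $oEx );
            }
        }

        if ( $oUser->checkIfEmailExists( $sLogin ) ) {
            // The login name is taken. The message embeds the submitted login
            // unescaped, so whatever renders it has to escape it for its
            // output context.
            $oEx   = oxNew( 'oxUserException' );
            $oLang = oxRegistry::getLang();
            $oEx->setMessage(
                sprintf(
                    $oLang->translateString( 'ERROR_MESSAGE_USER_USEREXISTS', $oLang->getTplLanguage() ),
                    $sLogin
                )
            );

            return $this->_addValidationError( 'oxuser__oxusername', $oEx );
        }
    }

    /**
     * Checks that an e-mail address (used as login name) is present and valid.
     *
     * @param oxUser $oUser  not used by this check
     * @param string $sEmail e-mail address to check
     *
     * @return object|null the recorded exception, or null when nothing failed
     */
    public function checkEmail( $oUser, $sEmail )
    {
        // missing e-mail address
        if ( !$sEmail ) {
            $oEx = oxNew( 'oxInputException' );
            $oEx->setMessage( 'ERROR_MESSAGE_INPUT_NOTALLFIELDS' );

            return $this->_addValidationError( 'oxuser__oxusername', $oEx );
        }

        // syntactically invalid e-mail address
        if ( !oxRegistry::getUtils()->isValidEmail( $sEmail ) ) {
            $oEx = oxNew( 'oxInputException' );
            $oEx->setMessage( 'ERROR_MESSAGE_INPUT_NOVALIDEMAIL' );

            return $this->_addValidationError( 'oxuser__oxusername', $oEx );
        }
    }

    /**
     * Checks a new password and its confirmation.
     *
     * Emptiness and the minimum length of 6 characters are enforced only when
     * $blCheckLength is true; with the default (false) the only check is that
     * both values are the same.
     *
     * @param oxUser $oUser         not used by this check
     * @param string $sNewPass      new password
     * @param string $sConfPass     password confirmation
     * @param bool   $blCheckLength also require a non-empty password of at
     *                              least 6 characters
     *
     * @return object|null the recorded exception, or null when nothing failed
     */
    public function checkPassword( $oUser, $sNewPass, $sConfPass, $blCheckLength = false )
    {
        if ( $blCheckLength ) {
            $iLength = getStr()->strlen( $sNewPass );

            // no password at all
            if ( $iLength == 0 ) {
                $oEx = oxNew( 'oxInputException' );
                $oEx->setMessage( 'ERROR_MESSAGE_INPUT_EMPTYPASS' );

                return $this->_addValidationError( 'oxuser__oxpassword', $oEx );
            }

            // password is too short
            if ( $iLength < 6 ) {
                $oEx = oxNew( 'oxInputException' );
                $oEx->setMessage( 'ERROR_MESSAGE_PASSWORD_TOO_SHORT' );

                return $this->_addValidationError( 'oxuser__oxpassword', $oEx );
            }
        }

        // Passwords must be identical as strings. A loose != compares
        // numeric-looking strings by value, so "123456" and "0123456" (or
        // "0e1" and "0e2") would count as matching.
        if ( (string) $sNewPass !== (string) $sConfPass ) {
            $oEx = oxNew( 'oxUserException' );
            $oEx->setMessage( 'ERROR_MESSAGE_USER_PWDDONTMATCH' );

            return $this->_addValidationError( 'oxuser__oxpassword', $oEx );
        }
    }

    /**
     * Records an error for every required field that is missing or blank.
     *
     * The required fields default to name, street, street number, zip and
     * city of the invoice address; an array in config parameter
     * 'aMustFillFields' replaces that list.
     *
     * @param oxUser $oUser       passed on to checkRequiredArrayFields()
     * @param array  $aInvAddress submitted invoice address fields
     * @param array  $aDelAddress submitted delivery address fields
     */
    public function checkRequiredFields( $oUser, $aInvAddress, $aDelAddress )
    {
        // default required fields
        $aMustFields = array(
            'oxuser__oxfname',
            'oxuser__oxlname',
            'oxuser__oxstreetnr',
            'oxuser__oxstreet',
            'oxuser__oxzip',
            'oxuser__oxcity',
        );

        // configuration overrides the defaults
        $aMustFillFields = $this->getConfig()->getConfigParam( 'aMustFillFields' );
        if ( is_array( $aMustFillFields ) ) {
            $aMustFields = $aMustFillFields;
        }

        // anything that is not an array is treated as "nothing submitted"
        $aInvAddress = is_array( $aInvAddress ) ? $aInvAddress : array();
        $aDelAddress = is_array( $aDelAddress ) ? $aDelAddress : array();

        $aFields = array_merge( $aInvAddress, $aDelAddress );

        // delivery address fields are checked only when one was submitted
        $blCheckDel = count( $aDelAddress ) > 0;

        foreach ( $aMustFields as $sMustField ) {

            // all required fields live in one config array (kept for backward
            // compatibility), so delivery fields are filtered out here
            if ( !$blCheckDel && strpos( $sMustField, 'oxaddress__' ) === 0 ) {
                continue;
            }

            if ( isset( $aFields[$sMustField] ) && is_array( $aFields[$sMustField] ) ) {
                $this->checkRequiredArrayFields( $oUser, $sMustField, $aFields[$sMustField] );
            } elseif ( !isset( $aFields[$sMustField] ) || !trim( $aFields[$sMustField] ) ) {
                $oEx = oxNew( 'oxInputException' );
                $oEx->setMessage( 'ERROR_MESSAGE_INPUT_NOTALLFIELDS' );

                $this->_addValidationError( $sMustField, $oEx );
            }
        }
    }

    /**
     * Records an error for every blank value of an array-valued required field.
     *
     * @param oxUser $oUser        not used by this check
     * @param string $sFieldName   field name the errors are recorded under
     * @param array  $aFieldValues submitted values of that field
     */
    public function checkRequiredArrayFields( $oUser, $sFieldName, $aFieldValues )
    {
        foreach ( $aFieldValues as $sValue ) {
            // a nested array is not a usable value; handing it to trim() is a
            // TypeError on PHP 8, so it is counted as blank up front
            if ( is_array( $sValue ) || !trim( $sValue ) ) {
                $oEx = oxNew( 'oxInputException' );
                $oEx->setMessage( 'ERROR_MESSAGE_INPUT_NOTALLFIELDS' );

                $this->_addValidationError( $sFieldName, $oEx );
            }
        }
    }

    /**
     * Checks that the submitted billing and delivery countries are active.
     *
     * @param oxUser $oUser       not used by this check
     * @param array  $aInvAddress submitted invoice address fields
     * @param array  $aDelAddress submitted delivery address fields
     */
    public function checkCountries( $oUser, $aInvAddress, $aDelAddress )
    {
        $sBillCtry = isset( $aInvAddress['oxuser__oxcountryid'] ) ? $aInvAddress['oxuser__oxcountryid'] : null;
        $sDelCtry  = isset( $aDelAddress['oxaddress__oxcountryid'] ) ? $aDelAddress['oxaddress__oxcountryid'] : null;

        if ( !$sBillCtry && !$sDelCtry ) {
            return;
        }

        $oDb = oxDb::getDb();

        // The country ids are request data; they reach the SQL text only
        // through $oDb->quote().
        // The ids are compared as strings, so two different ids that merely
        // look numerically equal still get both countries checked.
        if ( !$sBillCtry || !$sDelCtry || (string) $sBillCtry === (string) $sDelCtry ) {
            // only one distinct country to look up
            $sCtry = $sBillCtry ? $sBillCtry : $sDelCtry;
            $sQ = "select oxactive from oxcountry where oxid = " . $oDb->quote( $sCtry ) . " ";
        } else {
            $sQ = "select ( select oxactive from oxcountry where oxid = " . $oDb->quote( $sBillCtry ) . " ) and"
                . " ( select oxactive from oxcountry where oxid = " . $oDb->quote( $sDelCtry ) . " ) ";
        }

        if ( !$oDb->getOne( $sQ ) ) {
            $oEx = oxNew( 'oxUserException' );
            $oEx->setMessage( 'ERROR_MESSAGE_INPUT_NOTALLFIELDS' );

            // NOTE(review): the error is recorded under the password field
            // although this is a country check; looks like a copy-paste slip.
            // Confirm against the templates before changing the key.
            $this->_addValidationError( 'oxuser__oxpassword', $oEx );
        }
    }

    /**
     * Checks the VAT id prefix against the invoice country.
     *
     * Nothing is checked when no VAT id or no country was submitted, when the
     * country cannot be loaded, or when it is not in the EU. For EU countries
     * only the first two characters are compared with the country's VAT
     * prefix; the rest of the number is not validated here.
     *
     * @param oxUser $oUser       not used by this check
     * @param array  $aInvAddress submitted invoice address fields
     *
     * @return object|null the recorded exception, or null when nothing failed
     */
    public function checkVatId( $oUser, $aInvAddress )
    {
        if ( !isset( $aInvAddress['oxuser__oxustid'] ) || !$aInvAddress['oxuser__oxustid'] ) {
            return;
        }

        if ( !isset( $aInvAddress['oxuser__oxcountryid'] ) || !$aInvAddress['oxuser__oxcountryid'] ) {
            // no country
            return;
        }

        $oCountry = oxNew( 'oxCountry' );

        if ( $oCountry->load( $aInvAddress['oxuser__oxcountryid'] )
             && $oCountry->isInEU()
             && $this->_isVATIdentificationNumberInvalid( $aInvAddress, $oCountry ) ) {
            $oEx = oxNew( 'oxInputException' );
            $oEx->setMessage( 'VAT_MESSAGE_ID_NOT_VALID' );

            return $this->_addValidationError( 'oxuser__oxustid', $oEx );
        }
    }

    /**
     * Returns all recorded validation errors.
     *
     * @return array field name => list of exception objects
     */
    public function getFieldValidationErrors()
    {
        return $this->_aInputValidationErrors;
    }

    /**
     * Returns the first error of the first field that has errors.
     *
     * @return object|null null when nothing was recorded
     */
    public function getFirstValidationError()
    {
        $aFirstFieldErrors = reset( $this->_aInputValidationErrors );

        // reset() returns false for an empty error list
        if ( !is_array( $aFirstFieldErrors ) ) {
            return null;
        }

        return reset( $aFirstFieldErrors );
    }

    /**
     * Validates the submitted data of a credit card or debit note payment.
     *
     * Any other payment id is not validated here and yields true. For debit
     * notes the result can be one of the negative INVALID_* codes, which are
     * truthy: callers have to test the result with === true.
     *
     * Credit card data is only handed to the card validator (number, type and
     * expiry; 'kkname' and 'kkpruef' are required but not passed on). Nothing
     * in this method stores or logs it.
     *
     * @param string $sPaymentId payment id
     * @param array  &$aDynValue submitted payment fields (not modified here)
     *
     * @return mixed true, false, or an INVALID_* code
     */
    public function validatePaymentInputData( $sPaymentId, & $aDynValue )
    {
        $mxValidationResult = true;

        switch ( $sPaymentId ) {
            case 'oxidcreditcard':
                $mxValidationResult = false;

                // The type is looked at only once all required fields are
                // known to be set, and compared strictly so that only the
                // exact listed codes pass.
                if ( $this->_isAllBankInformationSet( $this->_aRequiredCCFields, $aDynValue )
                     && in_array( $aDynValue['kktype'], $this->_aPossibleCCType, true ) ) {
                    $oCardValidator = oxNew( 'oxccvalidator' );

                    // expiry is passed as month followed by characters 3-4 of
                    // the year; presumably the year has four digits - confirm
                    $mxValidationResult = $oCardValidator->isValidCard(
                        $aDynValue['kknumber'],
                        $aDynValue['kktype'],
                        $aDynValue['kkmonth'] . substr( $aDynValue['kkyear'], 2, 2 )
                    );
                }
                break;

            case 'oxiddebitnote':
                $mxValidationResult = false;

                if ( $this->_isAllBankInformationSet( $this->_aRequiredDCFields, $aDynValue ) ) {
                    $mxValidationResult = $this->_validateDebitNote( $aDynValue );
                }
                break;
        }

        return $mxValidationResult;
    }

    /**
     * Records a validation error for a field.
     *
     * @param string $sFieldName field the error belongs to
     * @param object $oErr       exception describing the error
     *
     * @return object the recorded exception
     */
    protected function _addValidationError( $sFieldName, $oErr )
    {
        return $this->_aInputValidationErrors[$sFieldName][] = $oErr;
    }

    /**
     * Validates debit note data.
     *
     * An empty bank code is accepted; then, as with a valid BIC, only the
     * IBAN decides. A non-empty bank code that is not a valid BIC is passed to
     * the old bank code / account number validation unless config parameter
     * 'blSkipDebitOldBankInfo' is set.
     *
     * @param array $aDebitInformation submitted debit note fields
     *
     * @return bool|int true, or an INVALID_* code
     */
    protected function _validateDebitNote( $aDebitInformation )
    {
        $aDebitInformation = $this->_cleanDebitInformation( $aDebitInformation );
        $sBankCode         = $aDebitInformation['lsblz'];
        $sAccountNumber    = $aDebitInformation['lsktonr'];
        $oSepaValidator    = oxNew( 'oxSepaValidator' );

        if ( empty( $sBankCode ) || $oSepaValidator->isValidBIC( $sBankCode ) ) {
            return $oSepaValidator->isValidIBAN( $sAccountNumber ) ? true : self::INVALID_ACCOUNT_NUMBER;
        }

        if ( oxRegistry::getConfig()->getConfigParam( 'blSkipDebitOldBankInfo' ) ) {
            return self::INVALID_BANK_CODE;
        }

        return $this->_validateOldDebitInfo( $aDebitInformation );
    }

    /**
     * Validates old-style bank data: a bank code of 5 to 8 digits and an
     * account number of 10 to 12 digits (shorter numbers are zero-padded
     * first).
     *
     * @param array $aDebitInfo debit note fields
     *
     * @return bool|int true, or an INVALID_* code
     */
    protected function _validateOldDebitInfo( $aDebitInfo )
    {
        $oStr       = getStr();
        $aDebitInfo = $this->_fixAccountNumber( $aDebitInfo );

        // The patterns end in \z, not $: "$" also matches just before a
        // trailing newline, so "12345\n" would pass as a bank code. [0-9]
        // keeps the match to ASCII digits whatever modifiers the getStr()
        // wrapper (not visible here) may add.
        if ( !$oStr->preg_match( '/^[0-9]{5,8}\z/', $aDebitInfo['lsblz'] ) ) {
            return self::INVALID_BANK_CODE;
        }

        if ( !$oStr->preg_match( '/^[0-9]{10,12}\z/', $aDebitInfo['lsktonr'] ) ) {
            return self::INVALID_ACCOUNT_NUMBER;
        }

        return true;
    }

    /**
     * Left-pads an account number shorter than 10 characters with zeros.
     *
     * @param array $aDebitInfo debit note fields
     *
     * @return array the fields with 'lsktonr' padded
     */
    protected function _fixAccountNumber( $aDebitInfo )
    {
        $iMissing = 10 - getStr()->strlen( $aDebitInfo['lsktonr'] );

        if ( $iMissing > 0 ) {
            $aDebitInfo['lsktonr'] = str_repeat( '0', $iMissing ) . $aDebitInfo['lsktonr'];
        }

        return $aDebitInfo;
    }

    /**
     * Tells whether every required field is present and not blank.
     *
     * @param array $aRequiredFields  names of the required fields
     * @param array $aBankInformation submitted payment fields
     *
     * @return bool
     */
    protected function _isAllBankInformationSet( $aRequiredFields, $aBankInformation )
    {
        foreach ( $aRequiredFields as $sFieldName ) {
            // an array where a single value is expected counts as not set;
            // handing it to trim() would be a TypeError on PHP 8
            if ( !isset( $aBankInformation[$sFieldName] )
                 || is_array( $aBankInformation[$sFieldName] )
                 || !trim( $aBankInformation[$sFieldName] ) ) {
                return false;
            }
        }

        return true;
    }

    /**
     * Removes spaces from bank code and account number. Only the space
     * character is removed; other whitespace stays in place.
     *
     * @param array $aDebitInformation debit note fields
     *
     * @return array the fields with 'lsblz' and 'lsktonr' cleaned
     */
    protected function _cleanDebitInformation( $aDebitInformation )
    {
        foreach ( array( 'lsblz', 'lsktonr' ) as $sKey ) {
            // 'lsblz' is not a required field, so it may be absent
            $sValue = isset( $aDebitInformation[$sKey] ) ? $aDebitInformation[$sKey] : '';
            $aDebitInformation[$sKey] = str_replace( ' ', '', $sValue );
        }

        return $aDebitInformation;
    }

    /**
     * Tells whether the first two characters of the VAT id differ from the
     * country's VAT prefix (case-sensitive comparison).
     *
     * @param array     $aInvAddress submitted invoice address fields
     * @param oxCountry $oCountry    loaded invoice country
     *
     * @return bool true when the prefix does not match
     */
    private function _isVATIdentificationNumberInvalid( $aInvAddress, $oCountry )
    {
        return (bool) strncmp( $aInvAddress['oxuser__oxustid'], $oCountry->getVATIdentificationNumberPrefix(), 2 );
    }

    /**
     * Creates the online VAT id checker. No method of this class calls it.
     *
     * @return oxOnlineVatIdCheck
     */
    protected function _getVatIdValidator()
    {
        return oxNew( 'oxOnlineVatIdCheck' );
    }
}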