<?php
/* {{{
*   START function public_Valid_form_data_ref102005($_form_type = 1, &$error)
*   }}}
*/
/**
* This function checks data received from an HTML <form> element
* that was sent with method="post" or method="get".
* The submitted data is therefore available in the superglobal
* PHP arrays $_POST or $_GET.
*
*
* @package Validates html-<form>-data through different routines.
* @author Daniel Schliebner
* @param integer
* @return boolean true when data is valid, otherwise false
*/
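function public_Valid_form_data_ref102005($_form_type = 1, &$error)
{
    /*
     * Validates a submitted form and stops at the first failed check.
     *
     * $_form_type  1 validates the fields of $_POST, any other value those of $_GET.
     *              The session/flood checks always read $_POST['formname'] and
     *              $_POST['formset'], whatever the form type.
     * $error       Set by reference: 0 when everything passed, otherwise
     *              1 = session IP matches the client, the form name is listed in the
     *                  session and 'formset' is empty or 'no'
     *              2 = User-Agent, Accept or Accept-Language header is empty
     *              3 = no accepted referer contains the server name
     *              4 = 8 seconds or less since the timestamp stored for this form
     *              5 = a required field is empty
     *              6 = a mail field is invalid or contains ';'
     *              7 = a url field does not look like a URL
     *              8 = the captcha code does not match the hash in the session
     *              9 = a value contains a mail header keyword
     * Returns TRUE when all checks pass, FALSE otherwise.
     *
     * Callers must pass both arguments: a required parameter follows
     * $_form_type, so its default can never be used.
     *
     * Side effect: every scalar value in $_POST is trimmed in place.
     *
     * Security note: checks 2 and 3 read request headers, which the client
     * controls. They filter simple bots; they are not an authentication or
     * CSRF control.
     */
    $error = 0;

    // create_function() built the callback from a code string and was removed
    // in PHP 8.0; a closure does the same work without evaluating a string.
    $_POST = array_map(
        function ($val) {
            return !is_array($val) ? trim($val) : $val;
        },
        $_POST
    );

    // Same lookup order as before: the environment first, then $_SERVER.
    // A missing value becomes '' instead of raising an undefined-index warning.
    $serverValue = function ($name) {
        $fromEnv = getenv($name);
        if ($fromEnv) {
            return $fromEnv;
        }
        return isset($_SERVER[$name]) ? $_SERVER[$name] : '';
    };

    $REMOTE_ADDR = $serverValue('REMOTE_ADDR');
    $SERVER_NAME = $serverValue('SERVER_NAME');

    // Missing or array-valued control fields are treated as empty strings so
    // that strtolower() and the session key below always receive a string.
    $formName = (isset($_POST['formname']) && !is_array($_POST['formname'])) ? $_POST['formname'] : '';
    $formSet  = (isset($_POST['formset']) && !is_array($_POST['formset'])) ? $_POST['formset'] : '';

    $knownForms = (isset($_SESSION['_VALID_FORM_NAME']) && is_array($_SESSION['_VALID_FORM_NAME']))
        ? $_SESSION['_VALID_FORM_NAME']
        : array();

    // The types stored in the session are not visible here, so the loose
    // comparisons of the original are kept for the IP and the form-name list.
    if (!empty($_SESSION['_VALID_FORM_REF102005_IP'])
        && $_SESSION['_VALID_FORM_REF102005_IP'] == $REMOTE_ADDR
        && in_array(strtolower($formName), $knownForms)
        && (strtolower($formSet) === 'no' || empty($formSet))
    ) {
        $error = 1;
        return FALSE;
    }

    if ($serverValue('HTTP_USER_AGENT') == ''
        || $serverValue('HTTP_ACCEPT') == ''
        || $serverValue('HTTP_ACCEPT_LANGUAGE') == ''
    ) {
        $error = 2;
        return FALSE;
    }

    // Strip only a leading "www." label. The previous pattern '/www./sim' was
    // unanchored with an unescaped dot, so it removed "www" plus any following
    // character anywhere in the host name.
    $page = (string) preg_replace('/^www\./i', '', $SERVER_NAME);

    if (isset($_SERVER['HTTP_REFERER']) || isset($GLOBALS['cfg']["config_Formular_AcceptReferers"])) {
        $referer_accept = array();

        if (!empty($GLOBALS['cfg']["config_Formular_AcceptReferers"])) {
            $referer_accept = explode(',', trim($GLOBALS['cfg']["config_Formular_AcceptReferers"]));
        }

        if (isset($_SERVER['HTTP_REFERER'])) {
            $referer_accept[] = $_SERVER['HTTP_REFERER'];
        }

        // NOTE(review): this is a substring match. A referer that contains the
        // host name anywhere (path or query included) passes, and a configured
        // entry that contains the host name makes the check pass for every
        // request. Confirm that this is the intended policy.
        $referer_check = false;
        foreach ($referer_accept as $referer) {
            // An empty host name must not match everything (strpos() with an
            // empty needle returns 0 on PHP 8).
            if ($page !== '' && strpos(trim($referer), $page) !== false) {
                $referer_check = true;
                break;
            }
        }

        if (!$referer_check) {
            $error = 3;
            return FALSE;
        }
    }

    // The timestamp is written elsewhere; a missing entry counts as 0 and passes.
    $timeKey = 'FORM_' . $formName . '_DATA_TIME';
    $stamp   = isset($_SESSION[$timeKey]) ? (int) $_SESSION[$timeKey] : 0;
    if (time() - $stamp <= 8) {
        $error = 4;
        return FALSE;
    }

    $_VALID_DATA = ($_form_type == 1) ? $_POST : $_GET;

    foreach ($_VALID_DATA as $key => $value) {
        // NOTE(review): array-valued fields skip every check below, including
        // the mail-header filter. Confirm the code that consumes the form data
        // does not place array values into a mail.
        if (is_array($value)) {
            continue;
        }

        $value = trim($value);
        $key   = (string) $key;

        // The field name carries the rule as a "/flag" suffix. Compare against
        // false explicitly so a flag at offset 0 is not ignored.
        $isRequired  = strpos($key, '/required') !== false;
        $isMail      = strpos($key, '/mail') !== false;
        $isUserMail  = strpos($key, '/usrmail') !== false;
        $isUrl       = strpos($key, '/url') !== false;
        $isValidCode = strpos($key, '/validcode') !== false;

        // A required field must not be empty; '0' is a legitimate value, which
        // empty() would have rejected.
        if (($isRequired || $isMail || $isUserMail) && $value === '') {
            $error = 5;
            return FALSE;
        }

        if ($isMail || $isUserMail) {
            // dynpg_is_valid_EMail() is defined elsewhere; a non-zero result is
            // treated as "invalid", as in the original.
            if (dynpg_is_valid_EMail($value) != 0) {
                $error = 6;
                return FALSE;
            }

            // Reject address lists; a ';' in first position counts too.
            if (strpos($value, ';') !== false) {
                $error = 6;
                return FALSE;
            }
        }

        // Loose, unanchored pattern: it only requires that the value contains
        // "http://", "ftp://" or "www" followed by more characters.
        if ($isUrl && !preg_match('#(http://|ftp://|www.)([^\s<>]+).(\w+)#sim', $value)) {
            $error = 7;
            return FALSE;
        }

        // Captcha: compare the hashes as strings. With '!=' two different hex
        // digests that both look like numbers ("0e" followed by digits only)
        // were compared numerically and treated as equal.
        // NOTE(review): the stored hash is not cleared here; confirm the caller
        // invalidates it after use so a solved code cannot be replayed.
        if ($isValidCode) {
            $expected = isset($_SESSION['_VALID_FORM_REF102005_RND'])
                ? $_SESSION['_VALID_FORM_REF102005_RND']
                : null;
            if (!is_string($expected) || md5($value) !== $expected) {
                $error = 8;
                return FALSE;
            }
        }

        // Blocklist of mail header names to stop header injection through form
        // fields. NOTE(review): the code that builds the mail should still
        // reject CR/LF in anything placed into a header.
        if (preg_match('/(content-type:|bcc:|cc:|to:|from:)/im', $value)) {
            $error = 9;
            return FALSE;
        }
    }

    return TRUE;
}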
/* {{{ FINISHED function private_Is_array_empty_ref102005() }}} */
?>