1: <?php
  2: /**
  3:  * PHP 5
  4:  *
  5:  * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
  6:  * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
  7:  *
  8:  * Licensed under The MIT License
  9:  * For full copyright and license information, please see the LICENSE.txt
 10:  * Redistributions of files must retain the above copyright notice.
 11:  *
 12:  * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 13:  * @link          http://cakephp.org CakePHP(tm) Project
 14:  * @since         CakePHP(tm) v 1.2.0.3830
 15:  * @license       http://www.opensource.org/licenses/mit-license.php MIT License
 16:  */
 17: 
 18: App::uses('Multibyte', 'I18n');
 19: App::uses('File', 'Utility');
 20: App::uses('CakeNumber', 'Utility');
 21: 
 22: // Load multibyte if the extension is missing.
 23: if (!function_exists('mb_strlen')) {
 24:     class_exists('Multibyte');
 25: }
 26: 
 27: /**
 28:  * Validation Class. Used for validation of model data
 29:  *
 30:  * Offers different validation methods.
 31:  *
 32:  * @package       Cake.Utility
 33:  */
 34: class Validation {
 35: 
 36: /**
 37:  * Some complex patterns needed in multiple places
 38:  *
 39:  * @var array
 40:  */
 41:     protected static $_pattern = array(
 42:         'hostname' => '(?:[_a-z0-9][-_a-z0-9]*\.)*(?:[a-z0-9][-a-z0-9]{0,62})\.(?:(?:[a-z]{2}\.)?[a-z]{2,})'
 43:     );
 44: 
 45: /**
 46:  * Holds an array of errors messages set in this class.
 47:  * These are used for debugging purposes
 48:  *
 49:  * @var array
 50:  */
 51:     public static $errors = array();
 52: 
 53: /**
 54:  * Checks that a string contains something other than whitespace
 55:  *
 56:  * Returns true if string contains something other than whitespace
 57:  *
 58:  * $check can be passed as an array:
 59:  * array('check' => 'valueToCheck');
 60:  *
 61:  * @param string|array $check Value to check
 62:  * @return boolean Success
 63:  */
 64:     public static function notEmpty($check) {
 65:         if (is_array($check)) {
 66:             extract(self::_defaults($check));
 67:         }
 68: 
 69:         if (empty($check) && $check != '0') {
 70:             return false;
 71:         }
 72:         return self::_check($check, '/[^\s]+/m');
 73:     }
 74: 
 75: /**
 76:  * Checks that a string contains only integer or letters
 77:  *
 78:  * Returns true if string contains only integer or letters
 79:  *
 80:  * $check can be passed as an array:
 81:  * array('check' => 'valueToCheck');
 82:  *
 83:  * @param string|array $check Value to check
 84:  * @return boolean Success
 85:  */
 86:     public static function alphaNumeric($check) {
 87:         if (is_array($check)) {
 88:             extract(self::_defaults($check));
 89:         }
 90: 
 91:         if (empty($check) && $check != '0') {
 92:             return false;
 93:         }
 94:         return self::_check($check, '/^[\p{Ll}\p{Lm}\p{Lo}\p{Lt}\p{Lu}\p{Nd}]+$/Du');
 95:     }
 96: 
 97: /**
 98:  * Checks that a string length is within s specified range.
 99:  * Spaces are included in the character count.
100:  * Returns true is string matches value min, max, or between min and max,
101:  *
102:  * @param string $check Value to check for length
103:  * @param integer $min Minimum value in range (inclusive)
104:  * @param integer $max Maximum value in range (inclusive)
105:  * @return boolean Success
106:  */
107:     public static function between($check, $min, $max) {
108:         $length = mb_strlen($check);
109:         return ($length >= $min && $length <= $max);
110:     }
111: 
112: /**
113:  * Returns true if field is left blank -OR- only whitespace characters are present in its value
114:  * Whitespace characters include Space, Tab, Carriage Return, Newline
115:  *
116:  * $check can be passed as an array:
117:  * array('check' => 'valueToCheck');
118:  *
119:  * @param string|array $check Value to check
120:  * @return boolean Success
121:  */
122:     public static function blank($check) {
123:         if (is_array($check)) {
124:             extract(self::_defaults($check));
125:         }
126:         return !self::_check($check, '/[^\\s]/');
127:     }
128: 
129: /**
130:  * Validation of credit card numbers.
131:  * Returns true if $check is in the proper credit card format.
132:  *
133:  * @param string|array $check credit card number to validate
134:  * @param string|array $type 'all' may be passed as a sting, defaults to fast which checks format of most major credit cards
135:  *    if an array is used only the values of the array are checked.
136:  *    Example: array('amex', 'bankcard', 'maestro')
137:  * @param boolean $deep set to true this will check the Luhn algorithm of the credit card.
138:  * @param string $regex A custom regex can also be passed, this will be used instead of the defined regex values
139:  * @return boolean Success
140:  * @see Validation::luhn()
141:  */
142:     public static function cc($check, $type = 'fast', $deep = false, $regex = null) {
143:         if (is_array($check)) {
144:             extract(self::_defaults($check));
145:         }
146: 
147:         $check = str_replace(array('-', ' '), '', $check);
148:         if (mb_strlen($check) < 13) {
149:             return false;
150:         }
151: 
152:         if ($regex !== null) {
153:             if (self::_check($check, $regex)) {
154:                 return self::luhn($check, $deep);
155:             }
156:         }
157:         $cards = array(
158:             'all' => array(
159:                 'amex'      => '/^3[4|7]\\d{13}$/',
160:                 'bankcard'  => '/^56(10\\d\\d|022[1-5])\\d{10}$/',
161:                 'diners'    => '/^(?:3(0[0-5]|[68]\\d)\\d{11})|(?:5[1-5]\\d{14})$/',
162:                 'disc'      => '/^(?:6011|650\\d)\\d{12}$/',
163:                 'electron'  => '/^(?:417500|4917\\d{2}|4913\\d{2})\\d{10}$/',
164:                 'enroute'   => '/^2(?:014|149)\\d{11}$/',
165:                 'jcb'       => '/^(3\\d{4}|2100|1800)\\d{11}$/',
166:                 'maestro'   => '/^(?:5020|6\\d{3})\\d{12}$/',
167:                 'mc'        => '/^5[1-5]\\d{14}$/',
168:                 'solo'      => '/^(6334[5-9][0-9]|6767[0-9]{2})\\d{10}(\\d{2,3})?$/',
169:                 'switch'    => '/^(?:49(03(0[2-9]|3[5-9])|11(0[1-2]|7[4-9]|8[1-2])|36[0-9]{2})\\d{10}(\\d{2,3})?)|(?:564182\\d{10}(\\d{2,3})?)|(6(3(33[0-4][0-9])|759[0-9]{2})\\d{10}(\\d{2,3})?)$/',
170:                 'visa'      => '/^4\\d{12}(\\d{3})?$/',
171:                 'voyager'   => '/^8699[0-9]{11}$/'
172:             ),
173:             'fast' => '/^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6011[0-9]{12}|3(?:0[0-5]|[68][0-9])[0-9]{11}|3[47][0-9]{13})$/'
174:         );
175: 
176:         if (is_array($type)) {
177:             foreach ($type as $value) {
178:                 $regex = $cards['all'][strtolower($value)];
179: 
180:                 if (self::_check($check, $regex)) {
181:                     return self::luhn($check, $deep);
182:                 }
183:             }
184:         } elseif ($type === 'all') {
185:             foreach ($cards['all'] as $value) {
186:                 $regex = $value;
187: 
188:                 if (self::_check($check, $regex)) {
189:                     return self::luhn($check, $deep);
190:                 }
191:             }
192:         } else {
193:             $regex = $cards['fast'];
194: 
195:             if (self::_check($check, $regex)) {
196:                 return self::luhn($check, $deep);
197:             }
198:         }
199:         return false;
200:     }
201: 
202: /**
203:  * Used to compare 2 numeric values.
204:  *
205:  * @param string|array $check1 if string is passed for a string must also be passed for $check2
206:  *    used as an array it must be passed as array('check1' => value, 'operator' => 'value', 'check2' -> value)
207:  * @param string $operator Can be either a word or operand
208:  *    is greater >, is less <, greater or equal >=
209:  *    less or equal <=, is less <, equal to ==, not equal !=
210:  * @param integer $check2 only needed if $check1 is a string
211:  * @return boolean Success
212:  */
213:     public static function comparison($check1, $operator = null, $check2 = null) {
214:         if (is_array($check1)) {
215:             extract($check1, EXTR_OVERWRITE);
216:         }
217:         $operator = str_replace(array(' ', "\t", "\n", "\r", "\0", "\x0B"), '', strtolower($operator));
218: 
219:         switch ($operator) {
220:             case 'isgreater':
221:             case '>':
222:                 if ($check1 > $check2) {
223:                     return true;
224:                 }
225:                 break;
226:             case 'isless':
227:             case '<':
228:                 if ($check1 < $check2) {
229:                     return true;
230:                 }
231:                 break;
232:             case 'greaterorequal':
233:             case '>=':
234:                 if ($check1 >= $check2) {
235:                     return true;
236:                 }
237:                 break;
238:             case 'lessorequal':
239:             case '<=':
240:                 if ($check1 <= $check2) {
241:                     return true;
242:                 }
243:                 break;
244:             case 'equalto':
245:             case '==':
246:                 if ($check1 == $check2) {
247:                     return true;
248:                 }
249:                 break;
250:             case 'notequal':
251:             case '!=':
252:                 if ($check1 != $check2) {
253:                     return true;
254:                 }
255:                 break;
256:             default:
257:                 self::$errors[] = __d('cake_dev', 'You must define the $operator parameter for Validation::comparison()');
258:         }
259:         return false;
260:     }
261: 
262: /**
263:  * Used when a custom regular expression is needed.
264:  *
265:  * @param string|array $check When used as a string, $regex must also be a valid regular expression.
266:  *                              As and array: array('check' => value, 'regex' => 'valid regular expression')
267:  * @param string $regex If $check is passed as a string, $regex must also be set to valid regular expression
268:  * @return boolean Success
269:  */
270:     public static function custom($check, $regex = null) {
271:         if (is_array($check)) {
272:             extract(self::_defaults($check));
273:         }
274:         if ($regex === null) {
275:             self::$errors[] = __d('cake_dev', 'You must define a regular expression for Validation::custom()');
276:             return false;
277:         }
278:         return self::_check($check, $regex);
279:     }
280: 
281: /**
282:  * Date validation, determines if the string passed is a valid date.
283:  * keys that expect full month, day and year will validate leap years
284:  *
285:  * @param string $check a valid date string
286:  * @param string|array $format Use a string or an array of the keys below. Arrays should be passed as array('dmy', 'mdy', etc)
287:  *        Keys: dmy 27-12-2006 or 27-12-06 separators can be a space, period, dash, forward slash
288:  *              mdy 12-27-2006 or 12-27-06 separators can be a space, period, dash, forward slash
289:  *              ymd 2006-12-27 or 06-12-27 separators can be a space, period, dash, forward slash
290:  *              dMy 27 December 2006 or 27 Dec 2006
291:  *              Mdy December 27, 2006 or Dec 27, 2006 comma is optional
292:  *              My December 2006 or Dec 2006
293:  *              my 12/2006 separators can be a space, period, dash, forward slash
294:  * @param string $regex If a custom regular expression is used this is the only validation that will occur.
295:  * @return boolean Success
296:  */
297:     public static function date($check, $format = 'ymd', $regex = null) {
298:         if ($regex !== null) {
299:             return self::_check($check, $regex);
300:         }
301: 
302:         $regex['dmy'] = '%^(?:(?:31(\\/|-|\\.|\\x20)(?:0?[13578]|1[02]))\\1|(?:(?:29|30)(\\/|-|\\.|\\x20)(?:0?[1,3-9]|1[0-2])\\2))(?:(?:1[6-9]|[2-9]\\d)?\\d{2})$|^(?:29(\\/|-|\\.|\\x20)0?2\\3(?:(?:(?:1[6-9]|[2-9]\\d)?(?:0[48]|[2468][048]|[13579][26])|(?:(?:16|[2468][048]|[3579][26])00))))$|^(?:0?[1-9]|1\\d|2[0-8])(\\/|-|\\.|\\x20)(?:(?:0?[1-9])|(?:1[0-2]))\\4(?:(?:1[6-9]|[2-9]\\d)?\\d{2})$%';
303:         $regex['mdy'] = '%^(?:(?:(?:0?[13578]|1[02])(\\/|-|\\.|\\x20)31)\\1|(?:(?:0?[13-9]|1[0-2])(\\/|-|\\.|\\x20)(?:29|30)\\2))(?:(?:1[6-9]|[2-9]\\d)?\\d{2})$|^(?:0?2(\\/|-|\\.|\\x20)29\\3(?:(?:(?:1[6-9]|[2-9]\\d)?(?:0[48]|[2468][048]|[13579][26])|(?:(?:16|[2468][048]|[3579][26])00))))$|^(?:(?:0?[1-9])|(?:1[0-2]))(\\/|-|\\.|\\x20)(?:0?[1-9]|1\\d|2[0-8])\\4(?:(?:1[6-9]|[2-9]\\d)?\\d{2})$%';
304:         $regex['ymd'] = '%^(?:(?:(?:(?:(?:1[6-9]|[2-9]\\d)?(?:0[48]|[2468][048]|[13579][26])|(?:(?:16|[2468][048]|[3579][26])00)))(\\/|-|\\.|\\x20)(?:0?2\\1(?:29)))|(?:(?:(?:1[6-9]|[2-9]\\d)?\\d{2})(\\/|-|\\.|\\x20)(?:(?:(?:0?[13578]|1[02])\\2(?:31))|(?:(?:0?[1,3-9]|1[0-2])\\2(29|30))|(?:(?:0?[1-9])|(?:1[0-2]))\\2(?:0?[1-9]|1\\d|2[0-8]))))$%';
305:         $regex['dMy'] = '/^((31(?!\\ (Feb(ruary)?|Apr(il)?|June?|(Sep(?=\\b|t)t?|Nov)(ember)?)))|((30|29)(?!\\ Feb(ruary)?))|(29(?=\\ Feb(ruary)?\\ (((1[6-9]|[2-9]\\d)(0[48]|[2468][048]|[13579][26])|((16|[2468][048]|[3579][26])00)))))|(0?[1-9])|1\\d|2[0-8])\\ (Jan(uary)?|Feb(ruary)?|Ma(r(ch)?|y)|Apr(il)?|Ju((ly?)|(ne?))|Aug(ust)?|Oct(ober)?|(Sep(?=\\b|t)t?|Nov|Dec)(ember)?)\\ ((1[6-9]|[2-9]\\d)\\d{2})$/';
306:         $regex['Mdy'] = '/^(?:(((Jan(uary)?|Ma(r(ch)?|y)|Jul(y)?|Aug(ust)?|Oct(ober)?|Dec(ember)?)\\ 31)|((Jan(uary)?|Ma(r(ch)?|y)|Apr(il)?|Ju((ly?)|(ne?))|Aug(ust)?|Oct(ober)?|(Sep)(tember)?|(Nov|Dec)(ember)?)\\ (0?[1-9]|([12]\\d)|30))|(Feb(ruary)?\\ (0?[1-9]|1\\d|2[0-8]|(29(?=,?\\ ((1[6-9]|[2-9]\\d)(0[48]|[2468][048]|[13579][26])|((16|[2468][048]|[3579][26])00)))))))\\,?\\ ((1[6-9]|[2-9]\\d)\\d{2}))$/';
307:         $regex['My'] = '%^(Jan(uary)?|Feb(ruary)?|Ma(r(ch)?|y)|Apr(il)?|Ju((ly?)|(ne?))|Aug(ust)?|Oct(ober)?|(Sep(?=\\b|t)t?|Nov|Dec)(ember)?)[ /]((1[6-9]|[2-9]\\d)\\d{2})$%';
308:         $regex['my'] = '%^((0[123456789]|10|11|12)([- /.])(([1][9][0-9][0-9])|([2][0-9][0-9][0-9])))$%';
309: 
310:         $format = (is_array($format)) ? array_values($format) : array($format);
311:         foreach ($format as $key) {
312:             if (self::_check($check, $regex[$key]) === true) {
313:                 return true;
314:             }
315:         }
316:         return false;
317:     }
318: 
319: /**
320:  * Validates a datetime value
321:  * All values matching the "date" core validation rule, and the "time" one will be valid
322:  *
323:  * @param string $check Value to check
324:  * @param string|array $dateFormat Format of the date part
325:  * Use a string or an array of the keys below. Arrays should be passed as array('dmy', 'mdy', etc)
326:  * ## Keys:
327:  *
328:  * - dmy 27-12-2006 or 27-12-06 separators can be a space, period, dash, forward slash
329:  * - mdy 12-27-2006 or 12-27-06 separators can be a space, period, dash, forward slash
330:  * - ymd 2006-12-27 or 06-12-27 separators can be a space, period, dash, forward slash
331:  * - dMy 27 December 2006 or 27 Dec 2006
332:  * - Mdy December 27, 2006 or Dec 27, 2006 comma is optional
333:  * - My December 2006 or Dec 2006
334:  * - my 12/2006 separators can be a space, period, dash, forward slash
335:  * @param string $regex Regex for the date part. If a custom regular expression is used this is the only validation that will occur.
336:  * @return boolean True if the value is valid, false otherwise
337:  * @see Validation::date
338:  * @see Validation::time
339:  */
340:     public static function datetime($check, $dateFormat = 'ymd', $regex = null) {
341:         $valid = false;
342:         $parts = explode(' ', $check);
343:         if (!empty($parts) && count($parts) > 1) {
344:             $time = array_pop($parts);
345:             $date = implode(' ', $parts);
346:             $valid = self::date($date, $dateFormat, $regex) && self::time($time);
347:         }
348:         return $valid;
349:     }
350: 
351: /**
352:  * Time validation, determines if the string passed is a valid time.
353:  * Validates time as 24hr (HH:MM) or am/pm ([H]H:MM[a|p]m)
354:  * Does not allow/validate seconds.
355:  *
356:  * @param string $check a valid time string
357:  * @return boolean Success
358:  */
359:     public static function time($check) {
360:         return self::_check($check, '%^((0?[1-9]|1[012])(:[0-5]\d){0,2} ?([AP]M|[ap]m))$|^([01]\d|2[0-3])(:[0-5]\d){0,2}$%');
361:     }
362: 
363: /**
364:  * Boolean validation, determines if value passed is a boolean integer or true/false.
365:  *
366:  * @param string $check a valid boolean
367:  * @return boolean Success
368:  */
369:     public static function boolean($check) {
370:         $booleanList = array(0, 1, '0', '1', true, false);
371:         return in_array($check, $booleanList, true);
372:     }
373: 
374: /**
375:  * Checks that a value is a valid decimal. Both the sign and exponent are optional.
376:  *
377:  * Valid Places:
378:  *
379:  * - null => Any number of decimal places, including none. The '.' is not required.
380:  * - true => Any number of decimal places greater than 0, or a float|double. The '.' is required.
381:  * - 1..N => Exactly that many number of decimal places. The '.' is required.
382:  *
383:  * @param float $check The value the test for decimal
384:  * @param integer $places
385:  * @param string $regex If a custom regular expression is used, this is the only validation that will occur.
386:  * @return boolean Success
387:  */
388:     public static function decimal($check, $places = null, $regex = null) {
389:         if ($regex === null) {
390:             $lnum = '[0-9]+';
391:             $dnum = "[0-9]*[\.]{$lnum}";
392:             $sign = '[+-]?';
393:             $exp = "(?:[eE]{$sign}{$lnum})?";
394: 
395:             if ($places === null) {
396:                 $regex = "/^{$sign}(?:{$lnum}|{$dnum}){$exp}$/";
397: 
398:             } elseif ($places === true) {
399:                 if (is_float($check) && floor($check) === $check) {
400:                     $check = sprintf("%.1f", $check);
401:                 }
402:                 $regex = "/^{$sign}{$dnum}{$exp}$/";
403: 
404:             } elseif (is_numeric($places)) {
405:                 $places = '[0-9]{' . $places . '}';
406:                 $dnum = "(?:[0-9]*[\.]{$places}|{$lnum}[\.]{$places})";
407:                 $regex = "/^{$sign}{$dnum}{$exp}$/";
408:             }
409:         }
410:         return self::_check($check, $regex);
411:     }
412: 
413: /**
414:  * Validates for an email address.
415:  *
416:  * Only uses getmxrr() checking for deep validation if PHP 5.3.0+ is used, or
417:  * any PHP version on a non-windows distribution
418:  *
419:  * @param string $check Value to check
420:  * @param boolean $deep Perform a deeper validation (if true), by also checking availability of host
421:  * @param string $regex Regex to use (if none it will use built in regex)
422:  * @return boolean Success
423:  */
424:     public static function email($check, $deep = false, $regex = null) {
425:         if (is_array($check)) {
426:             extract(self::_defaults($check));
427:         }
428: 
429:         if ($regex === null) {
430:             $regex = '/^[a-z0-9!#$%&\'*+\/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&\'*+\/=?^_`{|}~-]+)*@' . self::$_pattern['hostname'] . '$/i';
431:         }
432:         $return = self::_check($check, $regex);
433:         if ($deep === false || $deep === null) {
434:             return $return;
435:         }
436: 
437:         if ($return === true && preg_match('/@(' . self::$_pattern['hostname'] . ')$/i', $check, $regs)) {
438:             if (function_exists('getmxrr') && getmxrr($regs[1], $mxhosts)) {
439:                 return true;
440:             }
441:             if (function_exists('checkdnsrr') && checkdnsrr($regs[1], 'MX')) {
442:                 return true;
443:             }
444:             return is_array(gethostbynamel($regs[1]));
445:         }
446:         return false;
447:     }
448: 
449: /**
450:  * Check that value is exactly $comparedTo.
451:  *
452:  * @param mixed $check Value to check
453:  * @param mixed $comparedTo Value to compare
454:  * @return boolean Success
455:  */
456:     public static function equalTo($check, $comparedTo) {
457:         return ($check === $comparedTo);
458:     }
459: 
460: /**
461:  * Check that value has a valid file extension.
462:  *
463:  * @param string|array $check Value to check
464:  * @param array $extensions file extensions to allow. By default extensions are 'gif', 'jpeg', 'png', 'jpg'
465:  * @return boolean Success
466:  */
467:     public static function extension($check, $extensions = array('gif', 'jpeg', 'png', 'jpg')) {
468:         if (is_array($check)) {
469:             return self::extension(array_shift($check), $extensions);
470:         }
471:         $extension = strtolower(pathinfo($check, PATHINFO_EXTENSION));
472:         foreach ($extensions as $value) {
473:             if ($extension === strtolower($value)) {
474:                 return true;
475:             }
476:         }
477:         return false;
478:     }
479: 
480: /**
481:  * Validation of an IP address.
482:  *
483:  * @param string $check The string to test.
484:  * @param string $type The IP Protocol version to validate against
485:  * @return boolean Success
486:  */
487:     public static function ip($check, $type = 'both') {
488:         $type = strtolower($type);
489:         $flags = 0;
490:         if ($type === 'ipv4') {
491:             $flags = FILTER_FLAG_IPV4;
492:         }
493:         if ($type === 'ipv6') {
494:             $flags = FILTER_FLAG_IPV6;
495:         }
496:         return (boolean)filter_var($check, FILTER_VALIDATE_IP, array('flags' => $flags));
497:     }
498: 
499: /**
500:  * Checks whether the length of a string is greater or equal to a minimal length.
501:  *
502:  * @param string $check The string to test
503:  * @param integer $min The minimal string length
504:  * @return boolean Success
505:  */
506:     public static function minLength($check, $min) {
507:         return mb_strlen($check) >= $min;
508:     }
509: 
510: /**
511:  * Checks whether the length of a string is smaller or equal to a maximal length..
512:  *
513:  * @param string $check The string to test
514:  * @param integer $max The maximal string length
515:  * @return boolean Success
516:  */
517:     public static function maxLength($check, $max) {
518:         return mb_strlen($check) <= $max;
519:     }
520: 
521: /**
522:  * Checks that a value is a monetary amount.
523:  *
524:  * @param string $check Value to check
525:  * @param string $symbolPosition Where symbol is located (left/right)
526:  * @return boolean Success
527:  */
528:     public static function money($check, $symbolPosition = 'left') {
529:         $money = '(?!0,?\d)(?:\d{1,3}(?:([, .])\d{3})?(?:\1\d{3})*|(?:\d+))((?!\1)[,.]\d{1,2})?';
530:         if ($symbolPosition === 'right') {
531:             $regex = '/^' . $money . '(?<!\x{00a2})\p{Sc}?$/u';
532:         } else {
533:             $regex = '/^(?!\x{00a2})\p{Sc}?' . $money . '$/u';
534:         }
535:         return self::_check($check, $regex);
536:     }
537: 
538: /**
539:  * Validate a multiple select.
540:  *
541:  * Valid Options
542:  *
543:  * - in => provide a list of choices that selections must be made from
544:  * - max => maximum number of non-zero choices that can be made
545:  * - min => minimum number of non-zero choices that can be made
546:  *
547:  * @param array $check Value to check
548:  * @param array $options Options for the check.
549:  * @param boolean $strict Defaults to true, set to false to disable strict type check
550:  * @return boolean Success
551:  */
552:     public static function multiple($check, $options = array(), $strict = true) {
553:         $defaults = array('in' => null, 'max' => null, 'min' => null);
554:         $options = array_merge($defaults, $options);
555:         $check = array_filter((array)$check);
556:         if (empty($check)) {
557:             return false;
558:         }
559:         if ($options['max'] && count($check) > $options['max']) {
560:             return false;
561:         }
562:         if ($options['min'] && count($check) < $options['min']) {
563:             return false;
564:         }
565:         if ($options['in'] && is_array($options['in'])) {
566:             foreach ($check as $val) {
567:                 if (!in_array($val, $options['in'], $strict)) {
568:                     return false;
569:                 }
570:             }
571:         }
572:         return true;
573:     }
574: 
575: /**
576:  * Checks if a value is numeric.
577:  *
578:  * @param string $check Value to check
579:  * @return boolean Success
580:  */
581:     public static function numeric($check) {
582:         return is_numeric($check);
583:     }
584: 
585: /**
586:  * Checks if a value is a natural number.
587:  *
588:  * @param string $check Value to check
589:  * @param boolean $allowZero Set true to allow zero, defaults to false
590:  * @return boolean Success
591:  * @see http://en.wikipedia.org/wiki/Natural_number
592:  */
593:     public static function naturalNumber($check, $allowZero = false) {
594:         $regex = $allowZero ? '/^(?:0|[1-9][0-9]*)$/' : '/^[1-9][0-9]*$/';
595:         return self::_check($check, $regex);
596:     }
597: 
598: /**
599:  * Check that a value is a valid phone number.
600:  *
601:  * @param string|array $check Value to check (string or array)
602:  * @param string $regex Regular expression to use
603:  * @param string $country Country code (defaults to 'all')
604:  * @return boolean Success
605:  */
606:     public static function phone($check, $regex = null, $country = 'all') {
607:         if (is_array($check)) {
608:             extract(self::_defaults($check));
609:         }
610: 
611:         if ($regex === null) {
612:             switch ($country) {
613:                 case 'us':
614:                 case 'all':
615:                 case 'can':
616:                     // includes all NANPA members.
617:                     // see http://en.wikipedia.org/wiki/North_American_Numbering_Plan#List_of_NANPA_countries_and_territories
618:                     $regex = '/^(?:\+?1)?[-. ]?\\(?[2-9][0-8][0-9]\\)?[-. ]?[2-9][0-9]{2}[-. ]?[0-9]{4}$/';
619:                 break;
620:             }
621:         }
622:         if (empty($regex)) {
623:             return self::_pass('phone', $check, $country);
624:         }
625:         return self::_check($check, $regex);
626:     }
627: 
628: /**
629:  * Checks that a given value is a valid postal code.
630:  *
631:  * @param string|array $check Value to check
632:  * @param string $regex Regular expression to use
633:  * @param string $country Country to use for formatting
634:  * @return boolean Success
635:  */
636:     public static function postal($check, $regex = null, $country = 'us') {
637:         if (is_array($check)) {
638:             extract(self::_defaults($check));
639:         }
640: 
641:         if ($regex === null) {
642:             switch ($country) {
643:                 case 'uk':
644:                     $regex = '/\\A\\b[A-Z]{1,2}[0-9][A-Z0-9]? [0-9][ABD-HJLNP-UW-Z]{2}\\b\\z/i';
645:                     break;
646:                 case 'ca':
647:                     $district = '[ABCEGHJKLMNPRSTVYX]';
648:                     $letters = '[ABCEGHJKLMNPRSTVWXYZ]';
649:                     $regex = "/\\A\\b{$district}[0-9]{$letters} [0-9]{$letters}[0-9]\\b\\z/i";
650:                     break;
651:                 case 'it':
652:                 case 'de':
653:                     $regex = '/^[0-9]{5}$/i';
654:                     break;
655:                 case 'be':
656:                     $regex = '/^[1-9]{1}[0-9]{3}$/i';
657:                     break;
658:                 case 'us':
659:                     $regex = '/\\A\\b[0-9]{5}(?:-[0-9]{4})?\\b\\z/i';
660:                     break;
661:             }
662:         }
663:         if (empty($regex)) {
664:             return self::_pass('postal', $check, $country);
665:         }
666:         return self::_check($check, $regex);
667:     }
668: 
669: /**
670:  * Validate that a number is in specified range.
671:  * if $lower and $upper are not set, will return true if
672:  * $check is a legal finite on this platform
673:  *
674:  * @param string $check Value to check
675:  * @param integer $lower Lower limit
676:  * @param integer $upper Upper limit
677:  * @return boolean Success
678:  */
679:     public static function range($check, $lower = null, $upper = null) {
680:         if (!is_numeric($check)) {
681:             return false;
682:         }
683:         if (isset($lower) && isset($upper)) {
684:             return ($check > $lower && $check < $upper);
685:         }
686:         return is_finite($check);
687:     }
688: 
689: /**
690:  * Checks that a value is a valid Social Security Number.
691:  *
692:  * @param string|array $check Value to check
693:  * @param string $regex Regular expression to use
694:  * @param string $country Country
695:  * @return boolean Success
696:  */
697:     public static function ssn($check, $regex = null, $country = null) {
698:         if (is_array($check)) {
699:             extract(self::_defaults($check));
700:         }
701: 
702:         if ($regex === null) {
703:             switch ($country) {
704:                 case 'dk':
705:                     $regex = '/\\A\\b[0-9]{6}-[0-9]{4}\\b\\z/i';
706:                     break;
707:                 case 'nl':
708:                     $regex = '/\\A\\b[0-9]{9}\\b\\z/i';
709:                     break;
710:                 case 'us':
711:                     $regex = '/\\A\\b[0-9]{3}-[0-9]{2}-[0-9]{4}\\b\\z/i';
712:                     break;
713:             }
714:         }
715:         if (empty($regex)) {
716:             return self::_pass('ssn', $check, $country);
717:         }
718:         return self::_check($check, $regex);
719:     }
720: 
721: /**
722:  * Checks that a value is a valid URL according to http://www.w3.org/Addressing/URL/url-spec.txt
723:  *
724:  * The regex checks for the following component parts:
725:  *
726:  * - a valid, optional, scheme
727:  * - a valid ip address OR
728:  *   a valid domain name as defined by section 2.3.1 of http://www.ietf.org/rfc/rfc1035.txt
729:  *   with an optional port number
730:  * - an optional valid path
731:  * - an optional query string (get parameters)
732:  * - an optional fragment (anchor tag)
733:  *
734:  * @param string $check Value to check
735:  * @param boolean $strict Require URL to be prefixed by a valid scheme (one of http(s)/ftp(s)/file/news/gopher)
736:  * @return boolean Success
737:  */
738:     public static function url($check, $strict = false) {
739:         self::_populateIp();
740:         $validChars = '([' . preg_quote('!"$&\'()*+,-.@_:;=~[]') . '\/0-9a-z\p{L}\p{N}]|(%[0-9a-f]{2}))';
741:         $regex = '/^(?:(?:https?|ftps?|sftp|file|news|gopher):\/\/)' . (!empty($strict) ? '' : '?') .
742:             '(?:' . self::$_pattern['IPv4'] . '|\[' . self::$_pattern['IPv6'] . '\]|' . self::$_pattern['hostname'] . ')(?::[1-9][0-9]{0,4})?' .
743:             '(?:\/?|\/' . $validChars . '*)?' .
744:             '(?:\?' . $validChars . '*)?' .
745:             '(?:#' . $validChars . '*)?$/iu';
746:         return self::_check($check, $regex);
747:     }
748: 
749: /**
750:  * Checks if a value is in a given list.
751:  *
752:  * @param string $check Value to check
753:  * @param array $list List to check against
754:  * @param boolean $strict Defaults to true, set to false to disable strict type check
755:  * @return boolean Success
756:  */
757:     public static function inList($check, $list, $strict = true) {
758:         return in_array($check, $list, $strict);
759:     }
760: 
761: /**
762:  * Runs an user-defined validation.
763:  *
764:  * @param string|array $check value that will be validated in user-defined methods.
765:  * @param object $object class that holds validation method
766:  * @param string $method class method name for validation to run
767:  * @param array $args arguments to send to method
768:  * @return mixed user-defined class class method returns
769:  */
770:     public static function userDefined($check, $object, $method, $args = null) {
771:         return call_user_func_array(array($object, $method), array($check, $args));
772:     }
773: 
774: /**
775:  * Checks that a value is a valid uuid - http://tools.ietf.org/html/rfc4122
776:  *
777:  * @param string $check Value to check
778:  * @return boolean Success
779:  */
780:     public static function uuid($check) {
781:         $regex = '/^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[1-5][a-fA-F0-9]{3}-[89aAbB][a-fA-F0-9]{3}-[a-fA-F0-9]{12}$/';
782:         return self::_check($check, $regex);
783:     }
784: 
785: /**
786:  * Attempts to pass unhandled Validation locales to a class starting with $classPrefix
787:  * and ending with Validation. For example $classPrefix = 'nl', the class would be
788:  * `NlValidation`.
789:  *
790:  * @param string $method The method to call on the other class.
791:  * @param mixed $check The value to check or an array of parameters for the method to be called.
792:  * @param string $classPrefix The prefix for the class to do the validation.
793:  * @return mixed Return of Passed method, false on failure
794:  */
795:     protected static function _pass($method, $check, $classPrefix) {
796:         $className = ucwords($classPrefix) . 'Validation';
797:         if (!class_exists($className)) {
798:             trigger_error(__d('cake_dev', 'Could not find %s class, unable to complete validation.', $className), E_USER_WARNING);
799:             return false;
800:         }
801:         if (!method_exists($className, $method)) {
802:             trigger_error(__d('cake_dev', 'Method %s does not exist on %s unable to complete validation.', $method, $className), E_USER_WARNING);
803:             return false;
804:         }
805:         $check = (array)$check;
806:         return call_user_func_array(array($className, $method), $check);
807:     }
808: 
809: /**
810:  * Runs a regular expression match.
811:  *
812:  * @param string $check Value to check against the $regex expression
813:  * @param string $regex Regular expression
814:  * @return boolean Success of match
815:  */
816:     protected static function _check($check, $regex) {
817:         if (is_string($regex) && preg_match($regex, $check)) {
818:             return true;
819:         }
820:         return false;
821:     }
822: 
823: /**
824:  * Get the values to use when value sent to validation method is
825:  * an array.
826:  *
827:  * @param array $params Parameters sent to validation method
828:  * @return void
829:  */
830:     protected static function _defaults($params) {
831:         self::_reset();
832:         $defaults = array(
833:             'check' => null,
834:             'regex' => null,
835:             'country' => null,
836:             'deep' => false,
837:             'type' => null
838:         );
839:         $params = array_merge($defaults, $params);
840:         if ($params['country'] !== null) {
841:             $params['country'] = mb_strtolower($params['country']);
842:         }
843:         return $params;
844:     }
845: 
846: /**
847:  * Luhn algorithm
848:  *
849:  * @param string|array $check
850:  * @param boolean $deep
851:  * @return boolean Success
852:  * @see http://en.wikipedia.org/wiki/Luhn_algorithm
853:  */
854:     public static function luhn($check, $deep = false) {
855:         if (is_array($check)) {
856:             extract(self::_defaults($check));
857:         }
858:         if ($deep !== true) {
859:             return true;
860:         }
861:         if ((int)$check === 0) {
862:             return false;
863:         }
864:         $sum = 0;
865:         $length = strlen($check);
866: 
867:         for ($position = 1 - ($length % 2); $position < $length; $position += 2) {
868:             $sum += $check[$position];
869:         }
870: 
871:         for ($position = ($length % 2); $position < $length; $position += 2) {
872:             $number = $check[$position] * 2;
873:             $sum += ($number < 10) ? $number : $number - 9;
874:         }
875: 
876:         return ($sum % 10 === 0);
877:     }
878: 
879: /**
880:  * Checks the mime type of a file
881:  *
882:  * @param string|array $check
883:  * @param array $mimeTypes to check for
884:  * @return boolean Success
885:  * @throws CakeException when mime type can not be determined.
886:  */
887:     public static function mimeType($check, $mimeTypes = array()) {
888:         if (is_array($check) && isset($check['tmp_name'])) {
889:             $check = $check['tmp_name'];
890:         }
891: 
892:         $File = new File($check);
893:         $mime = $File->mime();
894: 
895:         if ($mime === false) {
896:             throw new CakeException(__d('cake_dev', 'Can not determine the mimetype.'));
897:         }
898:         return in_array($mime, $mimeTypes);
899:     }
900: 
901: /**
902:  * Checks the filesize
903:  *
904:  * @param string|array $check
905:  * @param integer|string $size Size in bytes or human readable string like '5MB'
906:  * @param string $operator See `Validation::comparison()`
907:  * @return boolean Success
908:  */
909:     public static function fileSize($check, $operator = null, $size = null) {
910:         if (is_array($check) && isset($check['tmp_name'])) {
911:             $check = $check['tmp_name'];
912:         }
913: 
914:         if (is_string($size)) {
915:             $size = CakeNumber::fromReadableSize($size);
916:         }
917:         $filesize = filesize($check);
918: 
919:         return self::comparison($filesize, $operator, $size);
920:     }
921: 
922: /**
923:  * Checking for upload errors
924:  *
925:  * @param string|array $check
926:  * @return boolean
927:  * @see http://www.php.net/manual/en/features.file-upload.errors.php
928:  */
929:     public static function uploadError($check) {
930:         if (is_array($check) && isset($check['error'])) {
931:             $check = $check['error'];
932:         }
933: 
934:         return $check === UPLOAD_ERR_OK;
935:     }
936: 
937: /**
938:  * Lazily populate the IP address patterns used for validations
939:  *
940:  * @return void
941:  */
942:     protected static function _populateIp() {
943:         if (!isset(self::$_pattern['IPv6'])) {
944:             $pattern = '((([0-9A-Fa-f]{1,4}:){7}(([0-9A-Fa-f]{1,4})|:))|(([0-9A-Fa-f]{1,4}:){6}';
945:             $pattern .= '(:|((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})';
946:             $pattern .= '|(:[0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){5}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})';
947:             $pattern .= '(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:)';
948:             $pattern .= '{4}(:[0-9A-Fa-f]{1,4}){0,1}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2}))';
949:             $pattern .= '{3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:){3}(:[0-9A-Fa-f]{1,4}){0,2}';
950:             $pattern .= '((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|';
951:             $pattern .= '((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:){2}(:[0-9A-Fa-f]{1,4}){0,3}';
952:             $pattern .= '((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2}))';
953:             $pattern .= '{3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:)(:[0-9A-Fa-f]{1,4})';
954:             $pattern .= '{0,4}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)';
955:             $pattern .= '|((:[0-9A-Fa-f]{1,4}){1,2})))|(:(:[0-9A-Fa-f]{1,4}){0,5}((:((25[0-5]|2[0-4]';
956:             $pattern .= '\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4})';
957:             $pattern .= '{1,2})))|(((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})))(%.+)?';
958: 
959:             self::$_pattern['IPv6'] = $pattern;
960:         }
961:         if (!isset(self::$_pattern['IPv4'])) {
962:             $pattern = '(?:(?:25[0-5]|2[0-4][0-9]|(?:(?:1[0-9])?|[1-9]?)[0-9])\.){3}(?:25[0-5]|2[0-4][0-9]|(?:(?:1[0-9])?|[1-9]?)[0-9])';
963:             self::$_pattern['IPv4'] = $pattern;
964:         }
965:     }
966: 
967: /**
968:  * Reset internal variables for another validation run.
969:  *
970:  * @return void
971:  */
972:     protected static function _reset() {
973:         self::$errors = array();
974:     }
975: 
976: }
977: