1: <?php
   2: /**
   3:  * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
   4:  * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
   5:  *
   6:  * Licensed under The MIT License
   7:  * For full copyright and license information, please see the LICENSE.txt
   8:  * Redistributions of files must retain the above copyright notice.
   9:  *
  10:  * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
  11:  * @link          http://cakephp.org CakePHP(tm) Project
  12:  * @since         CakePHP(tm) v 1.2.0.3830
  13:  * @license       http://www.opensource.org/licenses/mit-license.php MIT License
  14:  */
  15: 
  16: App::uses('Multibyte', 'I18n');
  17: App::uses('File', 'Utility');
  18: App::uses('CakeNumber', 'Utility');
  19: 
  20: // Load multibyte if the extension is missing.
  21: if (!function_exists('mb_strlen')) {
  22:     class_exists('Multibyte');
  23: }
  24: 
  25: /**
  26:  * Validation Class. Used for validation of model data
  27:  *
  28:  * Offers different validation methods.
  29:  *
  30:  * @package       Cake.Utility
  31:  */
  32: class Validation {
  33: 
  34: /**
  35:  * Some complex patterns needed in multiple places
  36:  *
  37:  * @var array
  38:  */
  39:     protected static $_pattern = array(
  40:         'hostname' => '(?:[_\p{L}0-9][-_\p{L}0-9]*\.)*(?:[\p{L}0-9][-\p{L}0-9]{0,62})\.(?:(?:[a-z]{2}\.)?[a-z]{2,})'
  41:     );
  42: 
  43: /**
  44:  * Holds an array of errors messages set in this class.
  45:  * These are used for debugging purposes
  46:  *
  47:  * @var array
  48:  */
  49:     public static $errors = array();
  50: 
  51: /**
  52:  * Checks that a string contains something other than whitespace
  53:  *
  54:  * Returns true if string contains something other than whitespace
  55:  *
  56:  * $check can be passed as an array:
  57:  * array('check' => 'valueToCheck');
  58:  *
  59:  * @param string|array $check Value to check
  60:  * @return bool Success
  61:  */
  62:     public static function notEmpty($check) {
  63:         if (is_array($check)) {
  64:             extract(self::_defaults($check));
  65:         }
  66: 
  67:         if (empty($check) && $check != '0') {
  68:             return false;
  69:         }
  70:         return self::_check($check, '/[^\s]+/m');
  71:     }
  72: 
  73: /**
  74:  * Checks that a string contains only integer or letters
  75:  *
  76:  * Returns true if string contains only integer or letters
  77:  *
  78:  * $check can be passed as an array:
  79:  * array('check' => 'valueToCheck');
  80:  *
  81:  * @param string|array $check Value to check
  82:  * @return bool Success
  83:  */
  84:     public static function alphaNumeric($check) {
  85:         if (is_array($check)) {
  86:             extract(self::_defaults($check));
  87:         }
  88: 
  89:         if (empty($check) && $check != '0') {
  90:             return false;
  91:         }
  92:         return self::_check($check, '/^[\p{Ll}\p{Lm}\p{Lo}\p{Lt}\p{Lu}\p{Nd}]+$/Du');
  93:     }
  94: 
  95: /**
  96:  * Checks that a string length is within s specified range.
  97:  * Spaces are included in the character count.
  98:  * Returns true is string matches value min, max, or between min and max,
  99:  *
 100:  * @param string $check Value to check for length
 101:  * @param int $min Minimum value in range (inclusive)
 102:  * @param int $max Maximum value in range (inclusive)
 103:  * @return bool Success
 104:  */
 105:     public static function between($check, $min, $max) {
 106:         $length = mb_strlen($check);
 107:         return ($length >= $min && $length <= $max);
 108:     }
 109: 
 110: /**
 111:  * Returns true if field is left blank -OR- only whitespace characters are present in its value
 112:  * Whitespace characters include Space, Tab, Carriage Return, Newline
 113:  *
 114:  * $check can be passed as an array:
 115:  * array('check' => 'valueToCheck');
 116:  *
 117:  * @param string|array $check Value to check
 118:  * @return bool Success
 119:  */
 120:     public static function blank($check) {
 121:         if (is_array($check)) {
 122:             extract(self::_defaults($check));
 123:         }
 124:         return !self::_check($check, '/[^\\s]/');
 125:     }
 126: 
 127: /**
 128:  * Validation of credit card numbers.
 129:  * Returns true if $check is in the proper credit card format.
 130:  *
 131:  * @param string|array $check credit card number to validate
 132:  * @param string|array $type 'all' may be passed as a sting, defaults to fast which checks format of most major credit cards
 133:  *    if an array is used only the values of the array are checked.
 134:  *    Example: array('amex', 'bankcard', 'maestro')
 135:  * @param bool $deep set to true this will check the Luhn algorithm of the credit card.
 136:  * @param string $regex A custom regex can also be passed, this will be used instead of the defined regex values
 137:  * @return bool Success
 138:  * @see Validation::luhn()
 139:  */
 140:     public static function cc($check, $type = 'fast', $deep = false, $regex = null) {
 141:         if (is_array($check)) {
 142:             extract(self::_defaults($check));
 143:         }
 144: 
 145:         $check = str_replace(array('-', ' '), '', $check);
 146:         if (mb_strlen($check) < 13) {
 147:             return false;
 148:         }
 149: 
 150:         if ($regex !== null) {
 151:             if (self::_check($check, $regex)) {
 152:                 return self::luhn($check, $deep);
 153:             }
 154:         }
 155:         $cards = array(
 156:             'all' => array(
 157:                 'amex'      => '/^3[4|7]\\d{13}$/',
 158:                 'bankcard'  => '/^56(10\\d\\d|022[1-5])\\d{10}$/',
 159:                 'diners'    => '/^(?:3(0[0-5]|[68]\\d)\\d{11})|(?:5[1-5]\\d{14})$/',
 160:                 'disc'      => '/^(?:6011|650\\d)\\d{12}$/',
 161:                 'electron'  => '/^(?:417500|4917\\d{2}|4913\\d{2})\\d{10}$/',
 162:                 'enroute'   => '/^2(?:014|149)\\d{11}$/',
 163:                 'jcb'       => '/^(3\\d{4}|2100|1800)\\d{11}$/',
 164:                 'maestro'   => '/^(?:5020|6\\d{3})\\d{12}$/',
 165:                 'mc'        => '/^5[1-5]\\d{14}$/',
 166:                 'solo'      => '/^(6334[5-9][0-9]|6767[0-9]{2})\\d{10}(\\d{2,3})?$/',
 167:                 'switch'    => '/^(?:49(03(0[2-9]|3[5-9])|11(0[1-2]|7[4-9]|8[1-2])|36[0-9]{2})\\d{10}(\\d{2,3})?)|(?:564182\\d{10}(\\d{2,3})?)|(6(3(33[0-4][0-9])|759[0-9]{2})\\d{10}(\\d{2,3})?)$/',
 168:                 'visa'      => '/^4\\d{12}(\\d{3})?$/',
 169:                 'voyager'   => '/^8699[0-9]{11}$/'
 170:             ),
 171:             'fast' => '/^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6011[0-9]{12}|3(?:0[0-5]|[68][0-9])[0-9]{11}|3[47][0-9]{13})$/'
 172:         );
 173: 
 174:         if (is_array($type)) {
 175:             foreach ($type as $value) {
 176:                 $regex = $cards['all'][strtolower($value)];
 177: 
 178:                 if (self::_check($check, $regex)) {
 179:                     return self::luhn($check, $deep);
 180:                 }
 181:             }
 182:         } elseif ($type === 'all') {
 183:             foreach ($cards['all'] as $value) {
 184:                 $regex = $value;
 185: 
 186:                 if (self::_check($check, $regex)) {
 187:                     return self::luhn($check, $deep);
 188:                 }
 189:             }
 190:         } else {
 191:             $regex = $cards['fast'];
 192: 
 193:             if (self::_check($check, $regex)) {
 194:                 return self::luhn($check, $deep);
 195:             }
 196:         }
 197:         return false;
 198:     }
 199: 
 200: /**
 201:  * Used to compare 2 numeric values.
 202:  *
 203:  * @param string|array $check1 if string is passed for a string must also be passed for $check2
 204:  *    used as an array it must be passed as array('check1' => value, 'operator' => 'value', 'check2' -> value)
 205:  * @param string $operator Can be either a word or operand
 206:  *    is greater >, is less <, greater or equal >=
 207:  *    less or equal <=, is less <, equal to ==, not equal !=
 208:  * @param int $check2 only needed if $check1 is a string
 209:  * @return bool Success
 210:  */
 211:     public static function comparison($check1, $operator = null, $check2 = null) {
 212:         if (is_array($check1)) {
 213:             extract($check1, EXTR_OVERWRITE);
 214:         }
 215: 
 216:         if ((float)$check1 != $check1) {
 217:             return false;
 218:         }
 219:         $operator = str_replace(array(' ', "\t", "\n", "\r", "\0", "\x0B"), '', strtolower($operator));
 220: 
 221:         switch ($operator) {
 222:             case 'isgreater':
 223:             case '>':
 224:                 if ($check1 > $check2) {
 225:                     return true;
 226:                 }
 227:                 break;
 228:             case 'isless':
 229:             case '<':
 230:                 if ($check1 < $check2) {
 231:                     return true;
 232:                 }
 233:                 break;
 234:             case 'greaterorequal':
 235:             case '>=':
 236:                 if ($check1 >= $check2) {
 237:                     return true;
 238:                 }
 239:                 break;
 240:             case 'lessorequal':
 241:             case '<=':
 242:                 if ($check1 <= $check2) {
 243:                     return true;
 244:                 }
 245:                 break;
 246:             case 'equalto':
 247:             case '==':
 248:                 if ($check1 == $check2) {
 249:                     return true;
 250:                 }
 251:                 break;
 252:             case 'notequal':
 253:             case '!=':
 254:                 if ($check1 != $check2) {
 255:                     return true;
 256:                 }
 257:                 break;
 258:             default:
 259:                 self::$errors[] = __d('cake_dev', 'You must define the $operator parameter for %s', 'Validation::comparison()');
 260:         }
 261:         return false;
 262:     }
 263: 
 264: /**
 265:  * Used when a custom regular expression is needed.
 266:  *
 267:  * @param string|array $check When used as a string, $regex must also be a valid regular expression.
 268:  *    As and array: array('check' => value, 'regex' => 'valid regular expression')
 269:  * @param string $regex If $check is passed as a string, $regex must also be set to valid regular expression
 270:  * @return bool Success
 271:  */
 272:     public static function custom($check, $regex = null) {
 273:         if (is_array($check)) {
 274:             extract(self::_defaults($check));
 275:         }
 276:         if ($regex === null) {
 277:             self::$errors[] = __d('cake_dev', 'You must define a regular expression for %s', 'Validation::custom()');
 278:             return false;
 279:         }
 280:         return self::_check($check, $regex);
 281:     }
 282: 
 283: /**
 284:  * Date validation, determines if the string passed is a valid date.
 285:  * keys that expect full month, day and year will validate leap years.
 286:  *
 287:  * Years are valid from 1800 to 2999.
 288:  *
 289:  * ### Formats:
 290:  *
 291:  * - `dmy` 27-12-2006 or 27-12-06 separators can be a space, period, dash, forward slash
 292:  * - `mdy` 12-27-2006 or 12-27-06 separators can be a space, period, dash, forward slash
 293:  * - `ymd` 2006-12-27 or 06-12-27 separators can be a space, period, dash, forward slash
 294:  * - `dMy` 27 December 2006 or 27 Dec 2006
 295:  * - `Mdy` December 27, 2006 or Dec 27, 2006 comma is optional
 296:  * - `My` December 2006 or Dec 2006
 297:  * - `my` 12/2006 or 12/06 separators can be a space, period, dash, forward slash
 298:  * - `ym` 2006/12 or 06/12 separators can be a space, period, dash, forward slash
 299:  * - `y` 2006 just the year without any separators
 300:  *
 301:  * @param string $check a valid date string
 302:  * @param string|array $format Use a string or an array of the keys above.
 303:  *    Arrays should be passed as array('dmy', 'mdy', etc)
 304:  * @param string $regex If a custom regular expression is used this is the only validation that will occur.
 305:  * @return bool Success
 306:  */
 307:     public static function date($check, $format = 'ymd', $regex = null) {
 308:         if ($regex !== null) {
 309:             return self::_check($check, $regex);
 310:         }
 311:         $month = '(0[123456789]|10|11|12)';
 312:         $separator = '([- /.])';
 313:         $fourDigitYear = '(([1][8-9][0-9][0-9])|([2][0-9][0-9][0-9]))';
 314:         $twoDigitYear = '([0-9]{2})';
 315:         $year = '(?:' . $fourDigitYear . '|' . $twoDigitYear . ')';
 316: 
 317:         $regex['dmy'] = '%^(?:(?:31(\\/|-|\\.|\\x20)(?:0?[13578]|1[02]))\\1|(?:(?:29|30)' .
 318:             $separator . '(?:0?[1,3-9]|1[0-2])\\2))(?:(?:1[6-9]|[2-9]\\d)?\\d{2})$|^(?:29' .
 319:             $separator . '0?2\\3(?:(?:(?:1[6-9]|[2-9]\\d)?(?:0[48]|[2468][048]|[13579][26])|(?:(?:16|[2468][048]|[3579][26])00))))$|^(?:0?[1-9]|1\\d|2[0-8])' .
 320:             $separator . '(?:(?:0?[1-9])|(?:1[0-2]))\\4(?:(?:1[6-9]|[2-9]\\d)?\\d{2})$%';
 321: 
 322:         $regex['mdy'] = '%^(?:(?:(?:0?[13578]|1[02])(\\/|-|\\.|\\x20)31)\\1|(?:(?:0?[13-9]|1[0-2])' .
 323:             $separator . '(?:29|30)\\2))(?:(?:1[6-9]|[2-9]\\d)?\\d{2})$|^(?:0?2' . $separator . '29\\3(?:(?:(?:1[6-9]|[2-9]\\d)?(?:0[48]|[2468][048]|[13579][26])|(?:(?:16|[2468][048]|[3579][26])00))))$|^(?:(?:0?[1-9])|(?:1[0-2]))' .
 324:             $separator . '(?:0?[1-9]|1\\d|2[0-8])\\4(?:(?:1[6-9]|[2-9]\\d)?\\d{2})$%';
 325: 
 326:         $regex['ymd'] = '%^(?:(?:(?:(?:(?:1[6-9]|[2-9]\\d)?(?:0[48]|[2468][048]|[13579][26])|(?:(?:16|[2468][048]|[3579][26])00)))' .
 327:             $separator . '(?:0?2\\1(?:29)))|(?:(?:(?:1[6-9]|[2-9]\\d)?\\d{2})' .
 328:             $separator . '(?:(?:(?:0?[13578]|1[02])\\2(?:31))|(?:(?:0?[1,3-9]|1[0-2])\\2(29|30))|(?:(?:0?[1-9])|(?:1[0-2]))\\2(?:0?[1-9]|1\\d|2[0-8]))))$%';
 329: 
 330:         $regex['dMy'] = '/^((31(?!\\ (Feb(ruary)?|Apr(il)?|June?|(Sep(?=\\b|t)t?|Nov)(ember)?)))|((30|29)(?!\\ Feb(ruary)?))|(29(?=\\ Feb(ruary)?\\ (((1[6-9]|[2-9]\\d)(0[48]|[2468][048]|[13579][26])|((16|[2468][048]|[3579][26])00)))))|(0?[1-9])|1\\d|2[0-8])\\ (Jan(uary)?|Feb(ruary)?|Ma(r(ch)?|y)|Apr(il)?|Ju((ly?)|(ne?))|Aug(ust)?|Oct(ober)?|(Sep(?=\\b|t)t?|Nov|Dec)(ember)?)\\ ((1[6-9]|[2-9]\\d)\\d{2})$/';
 331: 
 332:         $regex['Mdy'] = '/^(?:(((Jan(uary)?|Ma(r(ch)?|y)|Jul(y)?|Aug(ust)?|Oct(ober)?|Dec(ember)?)\\ 31)|((Jan(uary)?|Ma(r(ch)?|y)|Apr(il)?|Ju((ly?)|(ne?))|Aug(ust)?|Oct(ober)?|(Sep)(tember)?|(Nov|Dec)(ember)?)\\ (0?[1-9]|([12]\\d)|30))|(Feb(ruary)?\\ (0?[1-9]|1\\d|2[0-8]|(29(?=,?\\ ((1[6-9]|[2-9]\\d)(0[48]|[2468][048]|[13579][26])|((16|[2468][048]|[3579][26])00)))))))\\,?\\ ((1[6-9]|[2-9]\\d)\\d{2}))$/';
 333: 
 334:         $regex['My'] = '%^(Jan(uary)?|Feb(ruary)?|Ma(r(ch)?|y)|Apr(il)?|Ju((ly?)|(ne?))|Aug(ust)?|Oct(ober)?|(Sep(?=\\b|t)t?|Nov|Dec)(ember)?)' .
 335:             $separator . '((1[6-9]|[2-9]\\d)\\d{2})$%';
 336: 
 337:         $regex['my'] = '%^(' . $month . $separator . $year . ')$%';
 338:         $regex['ym'] = '%^(' . $year . $separator . $month . ')$%';
 339:         $regex['y'] = '%^(' . $fourDigitYear . ')$%';
 340: 
 341:         $format = (is_array($format)) ? array_values($format) : array($format);
 342:         foreach ($format as $key) {
 343:             if (self::_check($check, $regex[$key]) === true) {
 344:                 return true;
 345:             }
 346:         }
 347:         return false;
 348:     }
 349: 
 350: /**
 351:  * Validates a datetime value
 352:  *
 353:  * All values matching the "date" core validation rule, and the "time" one will be valid
 354:  *
 355:  * @param string $check Value to check
 356:  * @param string|array $dateFormat Format of the date part. See Validation::date for more information.
 357:  * @param string $regex Regex for the date part. If a custom regular expression is used this is the only validation that will occur.
 358:  * @return bool True if the value is valid, false otherwise
 359:  * @see Validation::date
 360:  * @see Validation::time
 361:  */
 362:     public static function datetime($check, $dateFormat = 'ymd', $regex = null) {
 363:         $valid = false;
 364:         $parts = explode(' ', $check);
 365:         if (!empty($parts) && count($parts) > 1) {
 366:             $time = array_pop($parts);
 367:             $date = implode(' ', $parts);
 368:             $valid = self::date($date, $dateFormat, $regex) && self::time($time);
 369:         }
 370:         return $valid;
 371:     }
 372: 
 373: /**
 374:  * Time validation, determines if the string passed is a valid time.
 375:  * Validates time as 24hr (HH:MM) or am/pm ([H]H:MM[a|p]m)
 376:  * Does not allow/validate seconds.
 377:  *
 378:  * @param string $check a valid time string
 379:  * @return bool Success
 380:  */
 381:     public static function time($check) {
 382:         return self::_check($check, '%^((0?[1-9]|1[012])(:[0-5]\d){0,2} ?([AP]M|[ap]m))$|^([01]\d|2[0-3])(:[0-5]\d){0,2}$%');
 383:     }
 384: 
 385: /**
 386:  * Boolean validation, determines if value passed is a boolean integer or true/false.
 387:  *
 388:  * @param string $check a valid boolean
 389:  * @return bool Success
 390:  */
 391:     public static function boolean($check) {
 392:         $booleanList = array(0, 1, '0', '1', true, false);
 393:         return in_array($check, $booleanList, true);
 394:     }
 395: 
 396: /**
 397:  * Checks that a value is a valid decimal. Both the sign and exponent are optional.
 398:  *
 399:  * Valid Places:
 400:  *
 401:  * - null => Any number of decimal places, including none. The '.' is not required.
 402:  * - true => Any number of decimal places greater than 0, or a float|double. The '.' is required.
 403:  * - 1..N => Exactly that many number of decimal places. The '.' is required.
 404:  *
 405:  * @param float $check The value the test for decimal.
 406:  * @param int $places Decimal places.
 407:  * @param string $regex If a custom regular expression is used, this is the only validation that will occur.
 408:  * @return bool Success
 409:  */
 410:     public static function decimal($check, $places = null, $regex = null) {
 411:         if ($regex === null) {
 412:             $lnum = '[0-9]+';
 413:             $dnum = "[0-9]*[\.]{$lnum}";
 414:             $sign = '[+-]?';
 415:             $exp = "(?:[eE]{$sign}{$lnum})?";
 416: 
 417:             if ($places === null) {
 418:                 $regex = "/^{$sign}(?:{$lnum}|{$dnum}){$exp}$/";
 419: 
 420:             } elseif ($places === true) {
 421:                 if (is_float($check) && floor($check) === $check) {
 422:                     $check = sprintf("%.1f", $check);
 423:                 }
 424:                 $regex = "/^{$sign}{$dnum}{$exp}$/";
 425: 
 426:             } elseif (is_numeric($places)) {
 427:                 $places = '[0-9]{' . $places . '}';
 428:                 $dnum = "(?:[0-9]*[\.]{$places}|{$lnum}[\.]{$places})";
 429:                 $regex = "/^{$sign}{$dnum}{$exp}$/";
 430:             }
 431:         }
 432: 
 433:         // account for localized floats.
 434:         $data = localeconv();
 435:         $check = str_replace($data['thousands_sep'], '', $check);
 436:         $check = str_replace($data['decimal_point'], '.', $check);
 437: 
 438:         return self::_check($check, $regex);
 439:     }
 440: 
 441: /**
 442:  * Validates for an email address.
 443:  *
 444:  * Only uses getmxrr() checking for deep validation if PHP 5.3.0+ is used, or
 445:  * any PHP version on a non-windows distribution
 446:  *
 447:  * @param string $check Value to check
 448:  * @param bool $deep Perform a deeper validation (if true), by also checking availability of host
 449:  * @param string $regex Regex to use (if none it will use built in regex)
 450:  * @return bool Success
 451:  */
 452:     public static function email($check, $deep = false, $regex = null) {
 453:         if (is_array($check)) {
 454:             extract(self::_defaults($check));
 455:         }
 456: 
 457:         if ($regex === null) {
 458:             $regex = '/^[\p{L}0-9!#$%&\'*+\/=?^_`{|}~-]+(?:\.[\p{L}0-9!#$%&\'*+\/=?^_`{|}~-]+)*@' . self::$_pattern['hostname'] . '$/ui';
 459:         }
 460:         $return = self::_check($check, $regex);
 461:         if ($deep === false || $deep === null) {
 462:             return $return;
 463:         }
 464: 
 465:         if ($return === true && preg_match('/@(' . self::$_pattern['hostname'] . ')$/i', $check, $regs)) {
 466:             if (function_exists('getmxrr') && getmxrr($regs[1], $mxhosts)) {
 467:                 return true;
 468:             }
 469:             if (function_exists('checkdnsrr') && checkdnsrr($regs[1], 'MX')) {
 470:                 return true;
 471:             }
 472:             return is_array(gethostbynamel($regs[1]));
 473:         }
 474:         return false;
 475:     }
 476: 
 477: /**
 478:  * Check that value is exactly $comparedTo.
 479:  *
 480:  * @param mixed $check Value to check
 481:  * @param mixed $comparedTo Value to compare
 482:  * @return bool Success
 483:  */
 484:     public static function equalTo($check, $comparedTo) {
 485:         return ($check === $comparedTo);
 486:     }
 487: 
 488: /**
 489:  * Check that value has a valid file extension.
 490:  *
 491:  * @param string|array $check Value to check
 492:  * @param array $extensions file extensions to allow. By default extensions are 'gif', 'jpeg', 'png', 'jpg'
 493:  * @return bool Success
 494:  */
 495:     public static function extension($check, $extensions = array('gif', 'jpeg', 'png', 'jpg')) {
 496:         if (is_array($check)) {
 497:             return self::extension(array_shift($check), $extensions);
 498:         }
 499:         $extension = strtolower(pathinfo($check, PATHINFO_EXTENSION));
 500:         foreach ($extensions as $value) {
 501:             if ($extension === strtolower($value)) {
 502:                 return true;
 503:             }
 504:         }
 505:         return false;
 506:     }
 507: 
 508: /**
 509:  * Validation of an IP address.
 510:  *
 511:  * @param string $check The string to test.
 512:  * @param string $type The IP Protocol version to validate against
 513:  * @return bool Success
 514:  */
 515:     public static function ip($check, $type = 'both') {
 516:         $type = strtolower($type);
 517:         $flags = 0;
 518:         if ($type === 'ipv4') {
 519:             $flags = FILTER_FLAG_IPV4;
 520:         }
 521:         if ($type === 'ipv6') {
 522:             $flags = FILTER_FLAG_IPV6;
 523:         }
 524:         return (bool)filter_var($check, FILTER_VALIDATE_IP, array('flags' => $flags));
 525:     }
 526: 
 527: /**
 528:  * Checks whether the length of a string is greater or equal to a minimal length.
 529:  *
 530:  * @param string $check The string to test
 531:  * @param int $min The minimal string length
 532:  * @return bool Success
 533:  */
 534:     public static function minLength($check, $min) {
 535:         return mb_strlen($check) >= $min;
 536:     }
 537: 
 538: /**
 539:  * Checks whether the length of a string is smaller or equal to a maximal length..
 540:  *
 541:  * @param string $check The string to test
 542:  * @param int $max The maximal string length
 543:  * @return bool Success
 544:  */
 545:     public static function maxLength($check, $max) {
 546:         return mb_strlen($check) <= $max;
 547:     }
 548: 
 549: /**
 550:  * Checks that a value is a monetary amount.
 551:  *
 552:  * @param string $check Value to check
 553:  * @param string $symbolPosition Where symbol is located (left/right)
 554:  * @return bool Success
 555:  */
 556:     public static function money($check, $symbolPosition = 'left') {
 557:         $money = '(?!0,?\d)(?:\d{1,3}(?:([, .])\d{3})?(?:\1\d{3})*|(?:\d+))((?!\1)[,.]\d{1,2})?';
 558:         if ($symbolPosition === 'right') {
 559:             $regex = '/^' . $money . '(?<!\x{00a2})\p{Sc}?$/u';
 560:         } else {
 561:             $regex = '/^(?!\x{00a2})\p{Sc}?' . $money . '$/u';
 562:         }
 563:         return self::_check($check, $regex);
 564:     }
 565: 
 566: /**
 567:  * Validate a multiple select. Comparison is case sensitive by default.
 568:  *
 569:  * Valid Options
 570:  *
 571:  * - in => provide a list of choices that selections must be made from
 572:  * - max => maximum number of non-zero choices that can be made
 573:  * - min => minimum number of non-zero choices that can be made
 574:  *
 575:  * @param array $check Value to check
 576:  * @param array $options Options for the check.
 577:  * @param bool $caseInsensitive Set to true for case insensitive comparison.
 578:  * @return bool Success
 579:  */
 580:     public static function multiple($check, $options = array(), $caseInsensitive = false) {
 581:         $defaults = array('in' => null, 'max' => null, 'min' => null);
 582:         $options += $defaults;
 583: 
 584:         $check = array_filter((array)$check);
 585:         if (empty($check)) {
 586:             return false;
 587:         }
 588:         if ($options['max'] && count($check) > $options['max']) {
 589:             return false;
 590:         }
 591:         if ($options['min'] && count($check) < $options['min']) {
 592:             return false;
 593:         }
 594:         if ($options['in'] && is_array($options['in'])) {
 595:             if ($caseInsensitive) {
 596:                 $options['in'] = array_map('mb_strtolower', $options['in']);
 597:             }
 598:             foreach ($check as $val) {
 599:                 $strict = !is_numeric($val);
 600:                 if ($caseInsensitive) {
 601:                     $val = mb_strtolower($val);
 602:                 }
 603:                 if (!in_array((string)$val, $options['in'], $strict)) {
 604:                     return false;
 605:                 }
 606:             }
 607:         }
 608:         return true;
 609:     }
 610: 
 611: /**
 612:  * Checks if a value is numeric.
 613:  *
 614:  * @param string $check Value to check
 615:  * @return bool Success
 616:  */
 617:     public static function numeric($check) {
 618:         return is_numeric($check);
 619:     }
 620: 
 621: /**
 622:  * Checks if a value is a natural number.
 623:  *
 624:  * @param string $check Value to check
 625:  * @param bool $allowZero Set true to allow zero, defaults to false
 626:  * @return bool Success
 627:  * @see http://en.wikipedia.org/wiki/Natural_number
 628:  */
 629:     public static function naturalNumber($check, $allowZero = false) {
 630:         $regex = $allowZero ? '/^(?:0|[1-9][0-9]*)$/' : '/^[1-9][0-9]*$/';
 631:         return self::_check($check, $regex);
 632:     }
 633: 
 634: /**
 635:  * Check that a value is a valid phone number.
 636:  *
 637:  * @param string|array $check Value to check (string or array)
 638:  * @param string $regex Regular expression to use
 639:  * @param string $country Country code (defaults to 'all')
 640:  * @return bool Success
 641:  */
 642:     public static function phone($check, $regex = null, $country = 'all') {
 643:         if (is_array($check)) {
 644:             extract(self::_defaults($check));
 645:         }
 646: 
 647:         if ($regex === null) {
 648:             switch ($country) {
 649:                 case 'us':
 650:                 case 'ca':
 651:                 case 'can': // deprecated three-letter-code
 652:                 case 'all':
 653:                     // includes all NANPA members.
 654:                     // see http://en.wikipedia.org/wiki/North_American_Numbering_Plan#List_of_NANPA_countries_and_territories
 655:                     $regex = '/^(?:(?:\+?1\s*(?:[.-]\s*)?)?';
 656: 
 657:                     // Area code 555, X11 is not allowed.
 658:                     $areaCode = '(?![2-9]11)(?!555)([2-9][0-8][0-9])';
 659:                     $regex .= '(?:\(\s*' . $areaCode . '\s*\)|' . $areaCode . ')';
 660:                     $regex .= '\s*(?:[.-]\s*)?)';
 661: 
 662:                     // Exchange and 555-XXXX numbers
 663:                     $regex .= '(?!(555(?:\s*(?:[.\-\s]\s*))(01([0-9][0-9])|1212)))';
 664:                     $regex .= '(?!(555(01([0-9][0-9])|1212)))';
 665:                     $regex .= '([2-9]1[02-9]|[2-9]1[02-9]|[2-9][02-9]1|[2-9][02-9]{2})\s*(?:[.-]\s*)';
 666: 
 667:                     // Local number and extension
 668:                     $regex .= '?([0-9]{4})';
 669:                     $regex .= '(?:\s*(?:#|x\.?|ext\.?|extension)\s*(\d+))?$/';
 670:                 break;
 671:             }
 672:         }
 673:         if (empty($regex)) {
 674:             return self::_pass('phone', $check, $country);
 675:         }
 676:         return self::_check($check, $regex);
 677:     }
 678: 
 679: /**
 680:  * Checks that a given value is a valid postal code.
 681:  *
 682:  * @param string|array $check Value to check
 683:  * @param string $regex Regular expression to use
 684:  * @param string $country Country to use for formatting
 685:  * @return bool Success
 686:  */
 687:     public static function postal($check, $regex = null, $country = 'us') {
 688:         if (is_array($check)) {
 689:             extract(self::_defaults($check));
 690:         }
 691: 
 692:         if ($regex === null) {
 693:             switch ($country) {
 694:                 case 'uk':
 695:                     $regex = '/\\A\\b[A-Z]{1,2}[0-9][A-Z0-9]? [0-9][ABD-HJLNP-UW-Z]{2}\\b\\z/i';
 696:                     break;
 697:                 case 'ca':
 698:                     $district = '[ABCEGHJKLMNPRSTVYX]';
 699:                     $letters = '[ABCEGHJKLMNPRSTVWXYZ]';
 700:                     $regex = "/\\A\\b{$district}[0-9]{$letters} [0-9]{$letters}[0-9]\\b\\z/i";
 701:                     break;
 702:                 case 'it':
 703:                 case 'de':
 704:                     $regex = '/^[0-9]{5}$/i';
 705:                     break;
 706:                 case 'be':
 707:                     $regex = '/^[1-9]{1}[0-9]{3}$/i';
 708:                     break;
 709:                 case 'us':
 710:                     $regex = '/\\A\\b[0-9]{5}(?:-[0-9]{4})?\\b\\z/i';
 711:                     break;
 712:             }
 713:         }
 714:         if (empty($regex)) {
 715:             return self::_pass('postal', $check, $country);
 716:         }
 717:         return self::_check($check, $regex);
 718:     }
 719: 
 720: /**
 721:  * Validate that a number is in specified range.
 722:  * if $lower and $upper are not set, will return true if
 723:  * $check is a legal finite on this platform
 724:  *
 725:  * @param string $check Value to check
 726:  * @param int|float $lower Lower limit
 727:  * @param int|float $upper Upper limit
 728:  * @return bool Success
 729:  */
 730:     public static function range($check, $lower = null, $upper = null) {
 731:         if (!is_numeric($check)) {
 732:             return false;
 733:         }
 734:         if ((float)$check != $check) {
 735:             return false;
 736:         }
 737:         if (isset($lower) && isset($upper)) {
 738:             return ($check > $lower && $check < $upper);
 739:         }
 740:         return is_finite($check);
 741:     }
 742: 
 743: /**
 744:  * Checks that a value is a valid Social Security Number.
 745:  *
 746:  * @param string|array $check Value to check
 747:  * @param string $regex Regular expression to use
 748:  * @param string $country Country
 749:  * @return bool Success
 750:  */
 751:     public static function ssn($check, $regex = null, $country = null) {
 752:         if (is_array($check)) {
 753:             extract(self::_defaults($check));
 754:         }
 755: 
 756:         if ($regex === null) {
 757:             switch ($country) {
 758:                 case 'dk':
 759:                     $regex = '/\\A\\b[0-9]{6}-[0-9]{4}\\b\\z/i';
 760:                     break;
 761:                 case 'nl':
 762:                     $regex = '/\\A\\b[0-9]{9}\\b\\z/i';
 763:                     break;
 764:                 case 'us':
 765:                     $regex = '/\\A\\b[0-9]{3}-[0-9]{2}-[0-9]{4}\\b\\z/i';
 766:                     break;
 767:             }
 768:         }
 769:         if (empty($regex)) {
 770:             return self::_pass('ssn', $check, $country);
 771:         }
 772:         return self::_check($check, $regex);
 773:     }
 774: 
 775: /**
 776:  * Checks that a value is a valid URL according to http://www.w3.org/Addressing/URL/url-spec.txt
 777:  *
 778:  * The regex checks for the following component parts:
 779:  *
 780:  * - a valid, optional, scheme
 781:  * - a valid ip address OR
 782:  *   a valid domain name as defined by section 2.3.1 of http://www.ietf.org/rfc/rfc1035.txt
 783:  *   with an optional port number
 784:  * - an optional valid path
 785:  * - an optional query string (get parameters)
 786:  * - an optional fragment (anchor tag)
 787:  *
 788:  * @param string $check Value to check
 789:  * @param bool $strict Require URL to be prefixed by a valid scheme (one of http(s)/ftp(s)/file/news/gopher)
 790:  * @return bool Success
 791:  */
 792:     public static function url($check, $strict = false) {
 793:         self::_populateIp();
 794:         $validChars = '([' . preg_quote('!"$&\'()*+,-.@_:;=~[]') . '\/0-9\p{L}\p{N}]|(%[0-9a-f]{2}))';
 795:         $regex = '/^(?:(?:https?|ftps?|sftp|file|news|gopher):\/\/)' . (!empty($strict) ? '' : '?') .
 796:             '(?:' . self::$_pattern['IPv4'] . '|\[' . self::$_pattern['IPv6'] . '\]|' . self::$_pattern['hostname'] . ')(?::[1-9][0-9]{0,4})?' .
 797:             '(?:\/?|\/' . $validChars . '*)?' .
 798:             '(?:\?' . $validChars . '*)?' .
 799:             '(?:#' . $validChars . '*)?$/iu';
 800:         return self::_check($check, $regex);
 801:     }
 802: 
 803: /**
 804:  * Checks if a value is in a given list. Comparison is case sensitive by default.
 805:  *
 806:  * @param string $check Value to check.
 807:  * @param array $list List to check against.
 808:  * @param bool $caseInsensitive Set to true for case insensitive comparison.
 809:  * @return bool Success.
 810:  */
 811:     public static function inList($check, $list, $caseInsensitive = false) {
 812:         if ($caseInsensitive) {
 813:             $list = array_map('mb_strtolower', $list);
 814:             $check = mb_strtolower($check);
 815:         } else {
 816:             $list = array_map('strval', $list);
 817:         }
 818:         return in_array((string)$check, $list, true);
 819:     }
 820: 
 821: /**
 822:  * Runs an user-defined validation.
 823:  *
 824:  * @param string|array $check value that will be validated in user-defined methods.
 825:  * @param object $object class that holds validation method
 826:  * @param string $method class method name for validation to run
 827:  * @param array $args arguments to send to method
 828:  * @return mixed user-defined class class method returns
 829:  */
 830:     public static function userDefined($check, $object, $method, $args = null) {
 831:         return call_user_func_array(array($object, $method), array($check, $args));
 832:     }
 833: 
 834: /**
 835:  * Checks that a value is a valid UUID - http://tools.ietf.org/html/rfc4122
 836:  *
 837:  * @param string $check Value to check
 838:  * @return bool Success
 839:  */
 840:     public static function uuid($check) {
 841:         $regex = '/^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[0-5][a-fA-F0-9]{3}-[089aAbB][a-fA-F0-9]{3}-[a-fA-F0-9]{12}$/';
 842:         return self::_check($check, $regex);
 843:     }
 844: 
 845: /**
 846:  * Attempts to pass unhandled Validation locales to a class starting with $classPrefix
 847:  * and ending with Validation. For example $classPrefix = 'nl', the class would be
 848:  * `NlValidation`.
 849:  *
 850:  * @param string $method The method to call on the other class.
 851:  * @param mixed $check The value to check or an array of parameters for the method to be called.
 852:  * @param string $classPrefix The prefix for the class to do the validation.
 853:  * @return mixed Return of Passed method, false on failure
 854:  */
 855:     protected static function _pass($method, $check, $classPrefix) {
 856:         $className = ucwords($classPrefix) . 'Validation';
 857:         if (!class_exists($className)) {
 858:             trigger_error(__d('cake_dev', 'Could not find %s class, unable to complete validation.', $className), E_USER_WARNING);
 859:             return false;
 860:         }
 861:         if (!method_exists($className, $method)) {
 862:             trigger_error(__d('cake_dev', 'Method %s does not exist on %s unable to complete validation.', $method, $className), E_USER_WARNING);
 863:             return false;
 864:         }
 865:         $check = (array)$check;
 866:         return call_user_func_array(array($className, $method), $check);
 867:     }
 868: 
 869: /**
 870:  * Runs a regular expression match.
 871:  *
 872:  * @param string $check Value to check against the $regex expression
 873:  * @param string $regex Regular expression
 874:  * @return bool Success of match
 875:  */
 876:     protected static function _check($check, $regex) {
 877:         if (is_string($regex) && preg_match($regex, $check)) {
 878:             return true;
 879:         }
 880:         return false;
 881:     }
 882: 
 883: /**
 884:  * Get the values to use when value sent to validation method is
 885:  * an array.
 886:  *
 887:  * @param array $params Parameters sent to validation method
 888:  * @return void
 889:  */
 890:     protected static function _defaults($params) {
 891:         self::_reset();
 892:         $defaults = array(
 893:             'check' => null,
 894:             'regex' => null,
 895:             'country' => null,
 896:             'deep' => false,
 897:             'type' => null
 898:         );
 899:         $params += $defaults;
 900:         if ($params['country'] !== null) {
 901:             $params['country'] = mb_strtolower($params['country']);
 902:         }
 903:         return $params;
 904:     }
 905: 
 906: /**
 907:  * Luhn algorithm
 908:  *
 909:  * @param string|array $check Value to check.
 910:  * @param bool $deep If true performs deep check.
 911:  * @return bool Success
 912:  * @see http://en.wikipedia.org/wiki/Luhn_algorithm
 913:  */
 914:     public static function luhn($check, $deep = false) {
 915:         if (is_array($check)) {
 916:             extract(self::_defaults($check));
 917:         }
 918:         if ($deep !== true) {
 919:             return true;
 920:         }
 921:         if ((int)$check === 0) {
 922:             return false;
 923:         }
 924:         $sum = 0;
 925:         $length = strlen($check);
 926: 
 927:         for ($position = 1 - ($length % 2); $position < $length; $position += 2) {
 928:             $sum += $check[$position];
 929:         }
 930: 
 931:         for ($position = ($length % 2); $position < $length; $position += 2) {
 932:             $number = $check[$position] * 2;
 933:             $sum += ($number < 10) ? $number : $number - 9;
 934:         }
 935: 
 936:         return ($sum % 10 === 0);
 937:     }
 938: 
 939: /**
 940:  * Checks the mime type of a file.
 941:  *
 942:  * @param string|array $check Value to check.
 943:  * @param array|string $mimeTypes Array of mime types or regex pattern to check.
 944:  * @return bool Success
 945:  * @throws CakeException when mime type can not be determined.
 946:  */
 947:     public static function mimeType($check, $mimeTypes = array()) {
 948:         if (is_array($check) && isset($check['tmp_name'])) {
 949:             $check = $check['tmp_name'];
 950:         }
 951: 
 952:         $File = new File($check);
 953:         $mime = $File->mime();
 954: 
 955:         if ($mime === false) {
 956:             throw new CakeException(__d('cake_dev', 'Can not determine the mimetype.'));
 957:         }
 958: 
 959:         if (is_string($mimeTypes)) {
 960:             return self::_check($mime, $mimeTypes);
 961:         }
 962: 
 963:         foreach ($mimeTypes as $key => $val) {
 964:             $mimeTypes[$key] = strtolower($val);
 965:         }
 966:         return in_array($mime, $mimeTypes);
 967:     }
 968: 
 969: /**
 970:  * Checks the filesize
 971:  *
 972:  * @param string|array $check Value to check.
 973:  * @param string $operator See `Validation::comparison()`.
 974:  * @param int|string $size Size in bytes or human readable string like '5MB'.
 975:  * @return bool Success
 976:  */
 977:     public static function fileSize($check, $operator = null, $size = null) {
 978:         if (is_array($check) && isset($check['tmp_name'])) {
 979:             $check = $check['tmp_name'];
 980:         }
 981: 
 982:         if (is_string($size)) {
 983:             $size = CakeNumber::fromReadableSize($size);
 984:         }
 985:         $filesize = filesize($check);
 986: 
 987:         return self::comparison($filesize, $operator, $size);
 988:     }
 989: 
 990: /**
 991:  * Checking for upload errors
 992:  *
 993:  * @param string|array $check Value to check.
 994:  * @return bool
 995:  * @see http://www.php.net/manual/en/features.file-upload.errors.php
 996:  */
 997:     public static function uploadError($check) {
 998:         if (is_array($check) && isset($check['error'])) {
 999:             $check = $check['error'];
1000:         }
1001: 
1002:         return (int)$check === UPLOAD_ERR_OK;
1003:     }
1004: 
1005: /**
1006:  * Lazily populate the IP address patterns used for validations
1007:  *
1008:  * @return void
1009:  */
1010:     protected static function _populateIp() {
1011:         if (!isset(self::$_pattern['IPv6'])) {
1012:             $pattern = '((([0-9A-Fa-f]{1,4}:){7}(([0-9A-Fa-f]{1,4})|:))|(([0-9A-Fa-f]{1,4}:){6}';
1013:             $pattern .= '(:|((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})';
1014:             $pattern .= '|(:[0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){5}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})';
1015:             $pattern .= '(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:)';
1016:             $pattern .= '{4}(:[0-9A-Fa-f]{1,4}){0,1}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2}))';
1017:             $pattern .= '{3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:){3}(:[0-9A-Fa-f]{1,4}){0,2}';
1018:             $pattern .= '((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|';
1019:             $pattern .= '((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:){2}(:[0-9A-Fa-f]{1,4}){0,3}';
1020:             $pattern .= '((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2}))';
1021:             $pattern .= '{3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:)(:[0-9A-Fa-f]{1,4})';
1022:             $pattern .= '{0,4}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)';
1023:             $pattern .= '|((:[0-9A-Fa-f]{1,4}){1,2})))|(:(:[0-9A-Fa-f]{1,4}){0,5}((:((25[0-5]|2[0-4]';
1024:             $pattern .= '\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4})';
1025:             $pattern .= '{1,2})))|(((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})))(%.+)?';
1026: 
1027:             self::$_pattern['IPv6'] = $pattern;
1028:         }
1029:         if (!isset(self::$_pattern['IPv4'])) {
1030:             $pattern = '(?:(?:25[0-5]|2[0-4][0-9]|(?:(?:1[0-9])?|[1-9]?)[0-9])\.){3}(?:25[0-5]|2[0-4][0-9]|(?:(?:1[0-9])?|[1-9]?)[0-9])';
1031:             self::$_pattern['IPv4'] = $pattern;
1032:         }
1033:     }
1034: 
1035: /**
1036:  * Reset internal variables for another validation run.
1037:  *
1038:  * @return void
1039:  */
1040:     protected static function _reset() {
1041:         self::$errors = array();
1042:     }
1043: 
1044: }
1045: