added input validation functionality

Len Kranendonk 2003-02-20 17:01:10 +00:00
parent 40f66d7157
commit ea323fdcac


@ -163,9 +163,10 @@ sub www_editSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editField { sub www_editField {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage());
my ($output, %field, $f, %fieldTypes, %fieldStatus); my ($output, %field, $f, %fieldTypes, %fieldStatus, %validation);
tie %field, 'Tie::CPHash'; tie %field, 'Tie::CPHash';
tie %fieldTypes, 'Tie::IxHash'; tie %fieldTypes, 'Tie::IxHash';
tie %validation, 'Tie::IxHash';
%fieldStatus = ( 1 => WebGUI::International::get(4, $namespace), %fieldStatus = ( 1 => WebGUI::International::get(4, $namespace),
2 => WebGUI::International::get(5, $namespace), 2 => WebGUI::International::get(5, $namespace),
@ -183,7 +184,13 @@ sub www_editField {
select => "Drop-Down Box", select => "Drop-Down Box",
); );
%fieldTypes; %validation = ( none => "None",
notnull => "Not empty",
number => "Number",
word => "Word char [a-zA-Z0-9_]",
email => "Valid E-mail address",
);
%field = WebGUI::SQL->quickHash("select * from MailForm_field where MailForm_fieldId='$session{form}{fid}'"); %field = WebGUI::SQL->quickHash("select * from MailForm_field where MailForm_fieldId='$session{form}{fid}'");
$output = helpIcon(2,$_[0]->get("namespace")); $output = helpIcon(2,$_[0]->get("namespace"));
$output .= '<h1>'.WebGUI::International::get(20,$namespace).'</h1>'; $output .= '<h1>'.WebGUI::International::get(20,$namespace).'</h1>';
@ -193,11 +200,27 @@ sub www_editField {
$f->hidden("fid",$session{form}{fid}); $f->hidden("fid",$session{form}{fid});
$f->hidden("func","editFieldSave"); $f->hidden("func","editFieldSave");
$f->text("name",WebGUI::International::get(21,$namespace),$field{name}); $f->text("name",WebGUI::International::get(21,$namespace),$field{name});
$f->text(
-name=>"subtext",
-value=>$field{subtext},
-label=>"Subtext",
-subtext=>"Optional extra text"
);
my $status = [ $field{status} ||= 3 ]; # make it modifiable by default my $status = [ $field{status} ||= 3 ]; # make it modifiable by default
$f->select("status",\%fieldStatus,WebGUI::International::get(22,$namespace),$status); $f->select("status",\%fieldStatus,WebGUI::International::get(22,$namespace),$status);
my $type = [ $field{type} ||= "text" ]; my $type = [ $field{type} ||= "text" ];
$f->select("type",\%fieldTypes,WebGUI::International::get(23,$namespace),$type); $f->select("type",\%fieldTypes,WebGUI::International::get(23,$namespace),$type);
$f->select("validation",\%validation,"Input validation", [$field{validation} || "none"]);
$f->integer("width",WebGUI::International::get(8, $namespace),$field{width} || $_[0]->get("width") || 45); $f->integer("width",WebGUI::International::get(8, $namespace),$field{width} || $_[0]->get("width") || 45);
$f->integer(
-name=>"rows",
-value=>$field{rows} || "",
-label=>WebGUI::International::get(27, $namespace),
-subtext=>WebGUI::International::get(28, $namespace),
);
$f->textarea("possibleValues",WebGUI::International::get(24,$namespace),$field{possibleValues}); $f->textarea("possibleValues",WebGUI::International::get(24,$namespace),$field{possibleValues});
$f->textarea("defaultValue",WebGUI::International::get(25,$namespace),$field{defaultValue}); $f->textarea("defaultValue",WebGUI::International::get(25,$namespace),$field{defaultValue});
$f->yesNo("proceed",WebGUI::International::get(15,$namespace)); $f->yesNo("proceed",WebGUI::International::get(15,$namespace));
@ -222,6 +245,9 @@ sub www_editFieldSave {
", possibleValues=".quote($session{form}{possibleValues}). ", possibleValues=".quote($session{form}{possibleValues}).
", defaultValue=".quote($session{form}{defaultValue}). ", defaultValue=".quote($session{form}{defaultValue}).
", width=".quote($session{form}{width}). ", width=".quote($session{form}{width}).
", rows=".quote($session{form}{rows}).
", validation=".quote($session{form}{validation}).
", subtext=".quote($session{form}{subtext}).
" where MailForm_fieldId=$session{form}{fid}"); " where MailForm_fieldId=$session{form}{fid}");
if ($session{form}{proceed}) { if ($session{form}{proceed}) {
$session{form}{fid} = "new"; $session{form}{fid} = "new";
@ -334,37 +360,62 @@ sub _createField {
SWITCH: for ($data->{type}) { SWITCH: for ($data->{type}) {
/^text$/ && do { /^text$/ && do {
# maxlength, extras, subtext $f->text(
$f->text($name, $data->{name}, $data->{defaultValue}, 255, "", "", -name=>$name,
$data->{width} || $self->get("width")); -label=>$data->{name},
-value=>$session{form}{$name} || $data->{defaultValue},
-maxlength=>255,
-size=>$data->{width} || $self->get("width"),
-subtext=>$data->{subtext},
);
last SWITCH; last SWITCH;
}; };
/^email$/ && do { /^email$/ && do {
# maxlength, extras, subtext $f->email(
$f->email($name, $data->{name}, $data->{defaultValue}, 255, "", "", -name=>$name,
$data->{width} || $self->get("width")); -label=>$data->{name},
-value=>$session{form}{$name} || $data->{defaultValue},
-maxlength=>255,
-size=>$data->{width} || $self->get("width"),
-subtext=>$data->{subtext},
);
last SWITCH; last SWITCH;
}; };
/^url$/ && do { /^url$/ && do {
# maxlength, extras, subtext $f->url(
$f->url($name, $data->{name}, $data->{defaultValue}, 255, "", "", -name=>$name,
$data->{width} || $self->get("width")); -label=>$data->{name},
-value=>$session{form}{$name} || $data->{defaultValue},
-maxlength=>255,
-size=>$data->{width} || $self->get("width"),
-subtext=>$data->{subtext},
);
last SWITCH; last SWITCH;
}; };
/^textarea$/ && do { /^textarea$/ && do {
# subtext, extras, wrap, rows, cols $f->textarea(
$f->textarea($name, $data->{name}, $data->{defaultValue}, "", "", "", 10, -name=>$name,
$data->{width} || $self->get("width") - 9); -label=>$data->{name},
-value=>$session{form}{$name} || $data->{defaultValue},
-maxlength=>255,
-size=>$data->{width} || $self->get("width"),
-subtext=>$data->{subtext},
-columns=>$data->{width} || $self->get("width") - 9,
-rows=>$data->{rows} || 9,
);
last SWITCH; last SWITCH;
}; };
/^date$/ && do { /^date$/ && do {
# extras, subtext $f->date(
$f->date($name, $data->{name}, $data->{defaultValue}, "", "", $data->{width} || 15); # use small size for a date box -name=>$name,
-label=>$data->{name},
-value=>$session{form}{$name} || $data->{defaultValue},
-size=>$data->{width} || $self->get("width"),
-subtext=>$data->{subtext},
);
last SWITCH; last SWITCH;
}; };
/^yesNo$/ && do { /^yesNo$/ && do {
# extras, subtext
# allow user to enter friendly yes/no for default
my $value; my $value;
if ($data->{defaultValue} =~ /yes/i) { if ($data->{defaultValue} =~ /yes/i) {
$value = 1; $value = 1;
@ -373,14 +424,23 @@ sub _createField {
} else { } else {
$value = 2; $value = 2;
} }
$f->yesNo($name, $data->{name}, $value, "", ""); $f->yesNo(
-name=>$name,
-label=>$data->{name},
-value=>$session{form}{$name} || $data->{defaultValue},
-subtext=>$data->{subtext},
);
last SWITCH; last SWITCH;
}; };
/^checkbox$/ && do { /^checkbox$/ && do {
# checked, subtext, extras
# the value option is used for checking the box here
my $value = ($data->{defaultValue} =~ /checked/i) ? 1 : ""; my $value = ($data->{defaultValue} =~ /checked/i) ? 1 : "";
$f->checkbox($name, $data->{name}, $value, "", "", "");
$f->checkbox(
-name=>$name,
-label=>$data->{name},
-value=>$session{form}{$name} || $data->{defaultValue},
-subtext=>$data->{subtext},
);
last SWITCH; last SWITCH;
}; };
/^select$/ && do { /^select$/ && do {
@ -392,7 +452,13 @@ sub _createField {
s/\s+$//; # remove trailing spaces s/\s+$//; # remove trailing spaces
$selectOptions{$_} = $_[0]->processMacros($_); $selectOptions{$_} = $_[0]->processMacros($_);
} }
$f->select($name, \%selectOptions, $data->{name}, [$data->{defaultValue}], "", "", "", ""); $f->selectList(
-name=>$name,
-options=>\%selectOptions,
-label=>$data->{name},
-value=>[$session{form}{$name}] || [$data->{defaultValue}],
-subtext=>$data->{subtext},
);
last SWITCH; last SWITCH;
}; };
/^checkList$/ && do { /^checkList$/ && do {
@ -404,12 +470,23 @@ sub _createField {
s/\s+$//; # remove trailing spaces s/\s+$//; # remove trailing spaces
$selectOptions{$_} = $_[0]->processMacros($_); $selectOptions{$_} = $_[0]->processMacros($_);
} }
# put default values in array if ($session{form}{$name}) {
foreach (split(/\n/, $data->{defaultValue})) { @defaultValues = $session{cgi}->param($name);
s/\s+$//; # remove trailing spaces } else {
push(@defaultValues, $_); # put default values in array
foreach (split(/\n/, $data->{defaultValue})) {
s/\s+$//; # remove trailing spaces
push(@defaultValues, $_);
}
} }
$f->checkList($name, \%selectOptions, $data->{name}, \@defaultValues, $vertical); $f->checkList(
-name=>$name,
-options=>\%selectOptions,
-label=>$data->{name},
-value=>\@defaultValues,
-subtext=>$data->{subtext},
-vertical=>$vertical
);
last SWITCH; last SWITCH;
}; };
/^radioList$/ && do { /^radioList$/ && do {
@ -421,12 +498,23 @@ sub _createField {
s/\s+$//; # remove trailing spaces s/\s+$//; # remove trailing spaces
$selectOptions{$_} = $_[0]->processMacros($_); $selectOptions{$_} = $_[0]->processMacros($_);
} }
# put default values in array if ($session{form}{$name}) {
foreach (split(/\n/, $data->{defaultValue})) { @defaultValues = $session{cgi}->param($name);
s/\s+$//; # remove trailing spaces } else {
push(@defaultValues, $_); # put default values in array
foreach (split(/\n/, $data->{defaultValue})) {
s/\s+$//; # remove trailing spaces
push(@defaultValues, $_);
}
} }
$f->radioList($name, \%selectOptions, $data->{name}, \@defaultValues, $vertical); $f->radioList(
-name=>$name,
-options=>\%selectOptions,
-label=>$data->{name},
-value=>\@defaultValues,
-subtext=>$data->{subtext},
-vertical=>$vertical
);
last SWITCH; last SWITCH;
}; };
@ -491,7 +579,7 @@ sub www_send {
} }
# create the message from all fields # create the message from all fields
my ($message, $sth, %data); my ($message, $sth, %data, $error, $output);
$sth = WebGUI::SQL->read("select * from MailForm_field where wobjectId=".$_[0]->get("wobjectId")." order by sequenceNumber"); $sth = WebGUI::SQL->read("select * from MailForm_field where wobjectId=".$_[0]->get("wobjectId")." order by sequenceNumber");
while (%data = $sth->hash) { while (%data = $sth->hash) {
my $urlizedName = WebGUI::URL::urlize($data{name}); my $urlizedName = WebGUI::URL::urlize($data{name});
@ -506,7 +594,7 @@ sub www_send {
my @values = $session{cgi}->param($urlizedName); my @values = $session{cgi}->param($urlizedName);
$value = join(", ",@values); $value = join(", ",@values);
} }
$error .= $_[0]->_validate($value, $data{validation}, $data{name}); #Validate input
# store results # store results
if ($_[0]->get("storeEntries")) { if ($_[0]->get("storeEntries")) {
WebGUI::SQL->write("insert into MailForm_entryData values ($entryId, ".$_[0]->get("wobjectId").", ".$data{sequenceNumber}.", ".quote($data{name}).", ".quote($value).")"); WebGUI::SQL->write("insert into MailForm_entryData values ($entryId, ".$_[0]->get("wobjectId").", ".$data{sequenceNumber}.", ".quote($data{name}).", ".quote($value).")");
@ -515,7 +603,11 @@ sub www_send {
$data{name} .= ":" unless ($data{name} =~ /:$/); $data{name} .= ":" unless ($data{name} =~ /:$/);
$message .= "$data{name} $value\n"; $message .= "$data{name} $value\n";
} }
my $error; if ($error ne "") {
$output .= $error . $_[0]->www_view;
return $output;
}
my $to = $session{form}{toField}; my $to = $session{form}{toField};
if ($to =~ /\@/) { if ($to =~ /\@/) {
# send a direct email if the To field is an email address # send a direct email if the To field is an email address
@ -543,12 +635,36 @@ sub www_send {
} }
} }
my $output = $_[0]->displayTitle; $output = $_[0]->displayTitle;
$error = $@ if $@; $error = $@ if $@;
$output .= ($error || $_[0]->get("acknowledgement"))."<p>\n<a href=\"./$session{page}{urlizedTitle}\">".WebGUI::International::get(18, $namespace)."</a>"; $output .= ($error || $_[0]->get("acknowledgement"))."<p>\n<a href=\"./$session{page}{urlizedTitle}\">".WebGUI::International::get(18, $namespace)."</a>";
return $output; return $output;
} }
#-------------------------------------------------------------------
sub _validate {
my ($self, $value, $validation, $fieldName) = @_;
return "" if ($validation eq "none");
my %regex = ( notnull => qr/^.+$/,
number => qr/^[\d\.]+$/,
word => qr/^\w+$/,
email => qr/^\s*<?[^@<>]+@[^@.<>]+(?:\.[^@.<>]+)+>?\s*$/,
);
my %message = ( notnull => "&quot;$fieldName&quot; ".WebGUI::International::get(29,$namespace),
number => "&quot;$fieldName&quot; ".WebGUI::International::get(30,$namespace),
word => "&quot;$fieldName&quot; ".WebGUI::International::get(31,$namespace),
email => "&quot;$value&quot; " .WebGUI::International::get(32,$namespace),
);
if ($value !~ $regex{$validation}) {
return "<LI>".$message{$validation}."</LI>";
}
return "";
}
1; 1;
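Review bot: In `_validate`, the `email` entry of `%message` interpolates the submitted `$value` into the HTML error string, and `www_send` returns that string in front of `www_view`, so input that fails the e-mail pattern is echoed to the browser unencoded unless `$session{form}` is filtered somewhere not visible here. Encode it before building the message, e.g. `(my $shown = $value) =~ s/([&<>"'])/'&#'.ord($1).';'/ge;` and use `$shown`, or report `$fieldName` as the other three messages do. The only guard is `$validation eq "none"`, so a row whose `validation` column is empty or holds any other string reaches `$value !~ $regex{$validation}` with an undefined pattern and an undefined message; add `return "" unless defined $validation && exists $regex{$validation};`, or reject there if unknown rules should fail closed. The patterns anchor with `^`/`$`, so `$` tolerates a trailing newline and `notnull`'s `.+` rejects multi-line textarea input; `\A`/`\z`, with `/s` where intended, would make the intent explicit. Separately, in `www_send` the `_validate` call sits in the same loop that writes to `MailForm_entryData`, while the `$error` check only runs after the loop, so rejected submissions appear to be stored when `storeEntries` is set.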