\web\lib\commonInputValidation

performs validation of user inputs

Summary

Methods
Properties
Constants
Federation()
IdP()
Profile()
Device()
string()
integer()
consortiumOI()
realm()
User()
token()
coordinate()
coordJsonEncoded()
boolean()
databaseReference()
hostname()
email()
supportedLanguage()
optionName()
image()
No public properties found
TABLEMAPPING
No protected methods found
No protected properties found
N/A
inputValidationError()
No private properties found
N/A

Constants

TABLEMAPPING

TABLEMAPPING = [IdP => institution_option, Profile => profile_option, FED => federation_option]

Methods

Federation()

Federation(  input, string|null  owner = NULL) : \core\Federation

Is this a known Federation? Optionally, also check if the authenticated user is a federation admin of that federation

Parameters

input

the ISO code of the federation

string|null owner

the authenticated username, optional

Throws

\Exception

Returns

\core\Federation —

IdP()

IdP(  input,   owner = NULL) : \core\IdP

Is this a known IdP? Optionally, also check if the authenticated user is an admin of that IdP

Parameters

input

the numeric ID of the IdP in the system

owner

the authenticated username, optional

Throws

\Exception

Returns

\core\IdP —

Profile()

Profile(  input, int|null  idpIdentifier = NULL) : \core\AbstractProfile

Checks if the input refers to a known Profile. Optionally also takes an IdP identifier and then checks if the Profile belongs to the refernced IdP

Parameters

input

the numeric ID of the Profile in the system

int|null idpIdentifier

the numeric ID of the IdP in the system, optional

Throws

\Exception

Returns

\core\AbstractProfile —

Device()

Device(  input) : 

Checks if this is a device known to the system

Parameters

input

the name of the device (index in the Devices.php array)

Throws

\Exception

Returns

returns the same string on success, throws an Exception on failure

string()

string(  input,   allowWhitespace = FALSE) : 

Checks if the input was a valid string.

Parameters

input

a string to be made SQL-safe

allowWhitespace

whether some whitespace (e.g. newlines should be preserved (true) or redacted (false)

Returns

the massaged string

integer()

integer(string|int  input) : bool|string|int

Is this an integer, or a string that represents an integer?

Parameters

string|int input

Returns

bool|string|int —

returns the input, or FALSE if it is not an integer-like value

consortiumOI()

consortiumOI(  input) : bool|string

Checks if the input is the hex representation of a Consortium OI (i.e. three or five bytes)

Parameters

input

Returns

bool|string —

returns the input, or FALSE on validation failure

realm()

realm(  input) : bool|string

Is the input an NAI realm? Throws HTML error and returns FALSE if not.

Parameters

input

the input to check

Returns

bool|string —

returns the realm, or FALSE if it was malformed

User()

User(  input) : 

could this be a valid username?

Only checks correct form, not if the user actually exists in the system.

Parameters

input

Throws

\Exception

Returns

echoes back the input string, or throws an Exception if bogus

token()

token(  input) : 

could this be a valid token?

Only checks correct form, not if the token actually exists in the system.

Parameters

input

Throws

\Exception

Returns

echoes back the input string, or throws an Exception if bogus

coordinate()

coordinate(  input) : 

Is this be a valid coordinate vector on one axis?

Parameters

input

a numeric value in range of a geo coordinate [-180;180]

Throws

\Exception

Returns

returns back the input if all is good; throws an Exception if out of bounds or not numeric

coordJsonEncoded()

coordJsonEncoded(  input) : 

Is this a valid coordinate pair in JSON encoded representation?

Parameters

input

the string to be checked: is this a serialised array with lat/lon keys in a valid number range?

Throws

\Exception

Returns

returns $input if checks have passed; throws an Exception if something's wrong

boolean()

boolean(  input) : 

This checks the state of a HTML GET/POST "boolean".

If not checked, no value is submitted at all; if checked, has the word "on". Anything else is a big error.

Parameters

input

the string to test

Throws

\Exception

Returns

TRUE if the input was "on". It is not possible in HTML to signal "off"

databaseReference()

databaseReference(  input) : bool|array

Is this a valid database reference? Has the form <tablename>-<rowID> and there needs to be actual data at that place

Parameters

input

the reference to check

Returns

bool|array —

the reference split up into "table" and "rowindex", or FALSE

hostname()

hostname(  input) : bool|string

is this a valid hostname?

Parameters

input

Returns

bool|string —

echoes the hostname, or FALSE if bogus

email()

email(  input) : bool|string

is this a valid email address?

Parameters

input

Returns

bool|string —

echoes the mail address, or FALSE if bogus

supportedLanguage()

supportedLanguage(  input) : 

Is this is a language we support? If not, sanitise to our configured default language.

Parameters

input

the candidate language identifier

Returns

optionName()

optionName(  input) : 

Makes sure we are not receiving a bogus option name. The called function throws an assertion if the name is not known.

Parameters

input

Returns

image()

image( binary) 

Parameters

binary

inputValidationError()

inputValidationError(  customtext) : 

returns a simple HTML <p> element with basic explanations about what was wrong with the input

Parameters

customtext

explanation provided by the validator function

Returns