ERROR = ""; $this->CLEAR = FALSE; return; } function clear_error () { $this->ERROR = ""; } // ************************************************************ // Checks a string for whitespace. True or FALSE function has_space ($text) { if (ereg("[ ]",$text)) { return TRUE; } return FALSE; } // ************************************************************ // Strips whitespace (tab or space) from a string function strip_space ($text) { $Return = ereg_replace("([ ]+)","",$text); return ($Return); } // ************************************************************ // Returns TRUE if string contains only numbers function is_allnumbers ($text) { if ((gettype($text)) == "integer") { return TRUE; } $Bad = $this->strip_numbers($text); if (empty($Bad)) { return TRUE; } return FALSE; } // ************************************************************ // Strip numbers from a string function strip_numbers ($text) { $Stripped = eregi_replace("([0-9]+)","",$text); return ($Stripped); } // ************************************************************ // Returns TRUE if string contains only letters function is_allletters ($text) { $Bad = $this->strip_letters($text); if (empty($Bad)) { return TRUE; } return FALSE; } // ************************************************************ // Strips letters from a string function strip_letters ($text) { $Stripped = eregi_replace("([A-Z]+)","",$text); return $Stripped; } // ************************************************************ // Checks for HTML entities in submitted text. // If found returns TRUE, otherwise FALSE. HTML specials are: // // " => " // < => < // > => > // & => & // // The presence of ",<,>,& will force this method to return TRUE. // function has_html ($text = "") { if (empty($text)) { return FALSE; } $New = htmlspecialchars($text); if ($New == $text) { return FALSE; } return TRUE; } // ************************************************************ // strip_html() // // Strips all html entities, attributes, elements and tags from // the submitted string data and returns the results. // // Can't use a regex here because there's no way to know // how the data is laid out. We have to examine every character // that's been submitted. Consequently, this is not a very // efficient method. It works, it's very good at removing // all html from the data, but don't send gobs of data // at it or your program will slow to a crawl. // If you're stripping HTML from a file, use PHP's fgetss() // and NOT this method, as fgetss() does the same thing // about 100x faster. function strip_html ($text = "") { if ((!$text) or (empty($text))) { return ""; } $outside = TRUE; $rawText = ""; $length = strlen($text); $count = 0; for($count=0; $count < $length; $count++) { $digit = substr($text,$count,1); if (!empty($digit)) { if (($outside) and ($digit != "<") and ($digit != ">")) { $rawText .= $digit; } if ($digit == "<") { $outside = FALSE; } if ($digit == ">") { $outside = TRUE; } } } return $rawText; } // ************************************************************ // Returns TRUE of the submitted text has meta characters in it // . \\ + * ? [ ^ ] ( $ ) // // function has_metas ($text = "") { if (empty($text)) { return FALSE; } $New = quotemeta($text); if ($New == $text) { return FALSE; } return TRUE; } // ************************************************************ // Strips " . \\ + * ? [ ^ ] ( $ ) " from submitted string // // Metas are a virtual MINE FIELD for regular expressions, // see custom_strip() for how they are removed function strip_metas ($text = "") { if (empty($text)) { return FALSE; } $Metas = array( '.','+','*','?','[','^',']','(','$',')' ); $text = stripslashes($text); $New = $this->custom_strip($Metas,$text); return $New; } // ************************************************************ // $Chars must be an array of characters to remove. // This method is meta-character safe. function custom_strip ($Chars, $text = "") { if ($this->CLEAR) { $this->clear_error(); } if (empty($text)) { return FALSE; } if ((gettype($Chars)) != "array") { $this->ERROR = "custom_strip: [$Chars] is not an array"; return FALSE; } while ( list ( $key,$val) = each ($Chars) ) { if (!empty($val)) { // str_replace is meta-safe, ereg_replace is not $text = str_replace($val,"",$text); } } return $text; } // ************************************************************ // Valid email format? TRUE or FALSE // This checks the raw address, not RFC 822 addresses. // Looks for [something]@[valid hostname with DNS record] function is_email ($Address = "") { if ($this->CLEAR) { $this->clear_error(); } if (empty($Address)) { $this->ERROR = "is_email: No email address submitted"; return FALSE; } if (!ereg("@",$Address)) { $this->ERROR = "is_email: Invalid, no @ symbol in string"; return FALSE; } list($User,$Host) = split("@",$Address); if ((empty($User)) or (empty($Address))) { $this->ERROR = "is_email: missing data [$User]@[$Host]"; return FALSE; } if (($this->has_space($User)) or ($this->has_space($Host))) { $this->ERROR = "is_email: Whitespace in [$User]@[$Host]"; return FALSE; } // Can't look for an MX only record as that precludes // CNAME only records. Thanks to everyone that slapped // me upside the head for this glaring oversite. :) if (!$this->is_host($Host,"ANY")) { return FALSE; } return TRUE; } // ************************************************************ // Valid URL format? TRUE or FALSE // Checks format of a URL - does NOT handle query strings or // urlencoded data. function is_url ($Url = "") { if ($this->CLEAR) { $this->clear_error(); } if (empty($Url)) { $this->ERROR = "is_url: No URL submitted"; return FALSE; } // Wow, the magic of parse_url! $UrlElements = parse_url($Url); if ((empty($UrlElements)) or (!$UrlElements)) { $this->ERROR = "is_url: Parse error reading [$Url]"; return FALSE; } $scheme = $UrlElements[scheme]; $HostName = $UrlElements[host]; if (empty($scheme)) { $this->ERROR = "is_url: Missing protocol declaration"; return FALSE; } if (empty($HostName)) { $this->ERROR = "is_url: No hostname in URL"; return FALSE; } if (!eregi("^(ht|f)tp",$scheme)) { $this->ERROR = "is_url: No http:// or ftp://"; return FALSE; } if (!$this->is_hostname($HostName)) { return FALSE; } return TRUE; } // ************************************************************ // URL responds to requests? TRUE or FALSE // This will obviously fail if you're not connected to // the internet, or if there are connection problems. (firewall etc) function url_responds ($Url = "") { global $php_errormsg; if ($this->CLEAR) { $this->clear_error(); } if (empty($Url)) { $this->ERROR = "url_responds: No URL submitted"; return FALSE; } if (!$this->is_url($Url)) { return FALSE; } $fd = @fopen($Url,"r"); if (!$fd) { $this->ERROR = "url_responds: Failed : $php_errormsg"; return FALSE; } else { @fclose($fd); return TRUE; } } // ************************************************************ // Valid phone number? TRUE or FALSE // Tries to validate a phone number // Strips (,),-,+ from number prior to checking // Less than 7 digits = fail // More than 13 digits = fail // Anything other than numbers after the stripping = fail function is_phone ($Phone = "") { if ($this->CLEAR) { $this->clear_error(); } if (empty($Phone)) { $this->ERROR = "is_phone: No Phone number submitted"; return FALSE; } $Num = $Phone; $Num = $this->strip_space($Num); $Num = eregi_replace("(\(|\)|\-|\+)","",$Num); if (!$this->is_allnumbers($Num)) { $this->ERROR = "is_phone: bad data in phone number"; return FALSE; } if ((strlen($Num)) < 7) { $this->ERROR = "is_phone: number is too short [$Num][$Phone]"; return FALSE; } // 000 000 000 0000 // CC AC PRE SUFX = max 13 digits if ((strlen($Num)) > 13) { $this->ERROR = "is_phone: number is too long [$Num][$Phone]"; return FALSE; } return TRUE; } // ************************************************************ // Valid, fully qualified hostname? TRUE or FALSE // Checks the -syntax- of the hostname, not it's actual // validity as a reachable internet host function is_hostname ($hostname = "") { if ($this->CLEAR) { $this->clear_error(); } $web = FALSE; if (empty($hostname)) { $this->ERROR = "is_hostname: No hostname submitted"; return FALSE; } // Only a-z, 0-9, and "-" or "." are permitted in a hostname // Patch for POSIX regex lib by Sascha Schumann sas@schell.de $Bad = eregi_replace("[-A-Z0-9\.]","",$hostname); if (!empty($Bad)) { $this->ERROR = "is_hostname: invalid chars [$Bad]"; return FALSE; } // See if we're doing www.hostname.tld or hostname.tld if (eregi("^www\.",$hostname)) { $web = TRUE; } // double "." is a not permitted if (ereg("\.\.",$hostname)) { $this->ERROR = "is_hostname: Double dot in [$hostname]"; return FALSE; } if (ereg("^\.",$hostname)) { $this->ERROR = "is_hostname: leading dot in [$hostname]"; return FALSE; } $chunks = explode(".",$hostname); if ((gettype($chunks)) != "array") { $this->ERROR = "is_hostname: Invalid hostname, no dot seperator [$hostname]"; return FALSE; } $count = ( (count($chunks)) - 1); if ($count < 1) { $this->ERROR = "is_hostname: Invalid hostname [$count] [$hostname]\n"; return FALSE; } // Bug that can't be killed without doing an is_host, // something.something will return TRUE, even if it's something // stupid like NS.SOMETHING (with no tld), because SOMETHING is // consTRUEd to BE the tld. The is_bigfour and is_country // checks should help eliminate this inconsistancy. To really // be sure you've got a valid hostname, do an is_host() on it. if (($web) and ($count < 2)) { $this->ERROR = "is_hostname: Invalid hostname [$count] [$hostname]\n"; return FALSE; } $tld = $chunks[$count]; if (empty($tld)) { $this->ERROR = "is_hostname: No TLD found in [$hostname]"; return FALSE; } if (!$this->is_bigfour($tld)) { if (!$this->is_country($tld)) { $this->ERROR = "is_hostname: Unrecognized TLD [$tld]"; return FALSE; } } return TRUE; } // ************************************************************ function is_bigfour ($tld) { if (empty($tld)) { return FALSE; } if (eregi("^\.",$tld)) { $tld = eregi_replace("^\.","",$tld); } $BigFour = array (com=>com,edu=>edu,net=>net,org=>org,info=>info,biz=>biz,ac=>ac); $tld = strtolower($tld); if (isset($BigFour[$tld])) { return TRUE; } return FALSE; } // ************************************************************ // Hostname is a reachable internet host? TRUE or FALSE function is_host ($hostname = "", $type = "ANY") { if ($this->CLEAR) { $this->clear_error(); } if (empty($hostname)) { $this->ERROR = "is_host: No hostname submitted"; return FALSE; } if (!$this->is_hostname($hostname)) { return FALSE; } // if (!checkdnsrr($hostname,$type)) { // $this->ERROR = "is_host: no DNS records for [$hostname]."; // return FALSE; // } return TRUE; } // ************************************************************ // Dotted quad IPAddress within valid range? TRUE or FALSE // Checks format, leading zeros, and values > 255 // Does not check for reserved or unroutable IPs. function is_ipaddress ($IP = "") { if ($this->CLEAR) { $this->clear_error(); } if (empty($IP)) { $this->ERROR = "is_ipaddress: No IP address submitted"; return FALSE; } // 123456789012345 // xxx.xxx.xxx.xxx $len = strlen($IP); if ($len > 15) { $this->ERROR = "is_ipaddress: too long [$IP][$len]"; return FALSE; } $Bad = eregi_replace("([0-9\.]+)","",$IP); if (!empty($Bad)) { $this->ERROR = "is_ipaddress: Bad data in IP address [$Bad]"; return FALSE; } $chunks = explode(".",$IP); $count = count($chunks); if ($count != 4) { $this->ERROR = "is_ipaddress: not a dotted quad [$IP]"; return FALSE; } while ( list ($key,$val) = each ($chunks) ) { if (ereg("^0",$val)) { $this->ERROR = "is_ipaddress: Invalid IP segment [$val]"; return FALSE; } $Num = $val; settype($Num,"integer"); if ($Num > 255) { $this->ERROR = "is_ipaddress: Segment out of range [$Num]"; return FALSE; } } return TRUE; } // end is_ipaddress // ************************************************************ // IP address is valid, and resolves to a hostname? TRUE or FALSE function ip_resolves ($IP = "") { if ($this->CLEAR) { $this->clear_error(); } if (empty($IP)) { $this->ERROR = "ip_resolves: No IP address submitted"; return FALSE; } if (!$this->is_ipaddress($IP)) { return FALSE; } $Hostname = gethostbyaddr($IP); if ($Hostname == $IP) { $this->ERROR = "ip_resolves: IP does not resolve."; return FALSE; } if ($Hostname) { if (!checkdnsrr($Hostname)) { $this->ERROR = "is_ipaddress: no DNS records for resolved hostname [$Hostname]"; return FALSE; } if ((gethostbyname($Hostname)) != $IP) { $this->ERROR = "is_ipaddress: forward:reverse mismatch, possible forgery"; // Non-fatal, but it should be noted. } } else { $this->ERROR = "ip_resolves: IP address does not resolve"; return FALSE; } return TRUE; } // ************************************************************ // Valid postal zip code? TRUE or FALSE function is_zip ($zipcode = "") { if ($this->CLEAR) { $this->clear_error(); } if (empty($zipcode)) { $this->ERROR = "is_zip: No zipcode submitted"; return FALSE; } $Bad = eregi_replace("([-0-9]+)","",$zipcode); if (!empty($Bad)) { $this->ERROR = "is_zip: Bad data in zipcode [$Bad]"; return FALSE; } $Num = eregi_replace("\-","",$zipcode); $len = strlen($Num); if (($len > 10) or ($len < 5)) { $this->ERROR = "is_zipcode: Invalid length [$len] for zipcode"; return FALSE; } return TRUE; } // ************************************************************ // Valid postal country code? // Returns the name of the country, or null on failure // Current array recognizes ~232 country codes. // I don't know if all of these are 100% accurate. // You don't wanna know how difficult it was just getting // this listing in here. :) function is_country ($countrycode = "") { if ($this->CLEAR) { $this->clear_error(); } $Return = ""; if (empty($countrycode)) { $this->ERROR = "is_country: No country code submitted"; return $Return; } $countrycode = strtolower($countrycode); if ((strlen($countrycode)) != 2) { $this->ERROR = "is_country: 2 digit codes only [$countrycode]"; return $Return; } // Now for a really big array // Dominican Republic, cc = "do" because it's a reserved // word in PHP. That parse error took 10 minutes of // head-scratching to figure out :) // A (roughly) 3.1 Kbyte array $CCodes = array ( "do" => "Dominican Republic", "ad" => "Andorra", "ae" => "United Arab Emirates", "af" => "Afghanistan", "ag" => "Antigua and Barbuda", "ai" => "Anguilla", "al" => "Albania", "am" => "Armenia", "an" => "Netherlands Antilles", "ao" => "Angola", "aq" => "Antarctica", "ar" => "Argentina", "as" => "American Samoa", "at" => "Austria", "au" => "Australia", "aw" => "Aruba", "az" => "Azerbaijan", "ba" => "Bosnia Hercegovina", "bb" => "Barbados", "bd" => "Bangladesh", "be" => "Belgium", "bf" => "Burkina Faso", "bg" => "Bulgaria", "bh" => "Bahrain", "bi" => "Burundi", "bj" => "Benin", "bm" => "Bermuda", "bn" => "Brunei Darussalam", "bo" => "Bolivia", "br" => "Brazil", "bs" => "Bahamas", "bt" => "Bhutan", "bv" => "Bouvet Island", "bw" => "Botswana", "by" => "Belarus (Byelorussia)", "bz" => "Belize", "ca" => "Canada", "cc" => "Cocos Islands", "cd" => 'Congo, The Democratic Republic of the', "cf" => "Central African Republic", "cg" => "Congo", "ch" => "Switzerland", "ci" => "Ivory Coast", "ck" => "Cook Islands", "cl" => "Chile", "cm" => "Cameroon", "cn" => "China", "co" => "Colombia", "cr" => "Costa Rica", "cs" => "Czechoslovakia", "cu" => "Cuba", "cv" => "Cape Verde", "cx" => "Christmas Island", "cy" => "Cyprus", "cz" => 'Czech Republic', "de" => "Germany", "dj" => "Djibouti", "dk" => 'Denmark', "dm" => "Dominica", "dz" => "Algeria", "ec" => "Ecuador", "ee" => "Estonia", "eg" => "Egypt", "eh" => "Western Sahara", "er" => 'Eritrea', "es" => "Spain", "et" => "Ethiopia", "fi" => "Finland", "fj" => "Fiji", "fk" => "Falkland Islands", "fm" => "Micronesia", "fo" => "Faroe Islands", "fr" => "France", "fx" => 'France, Metropolitan FX', "ga" => "Gabon", "gb" => 'United Kingdom (Great Britain)', "gd" => "Grenada", "ge" => "Georgia", "gf" => "French Guiana", "gh" => "Ghana", "gi" => "Gibraltar", "gl" => "Greenland", "gm" => "Gambia", "gn" => "Guinea", "gp" => "Guadeloupe", "gq" => "Equatorial Guinea", "gr" => "Greece", "gs" => 'South Georgia and the South Sandwich Islands', "gt" => "Guatemala", "gu" => "Guam", "gw" => "Guinea-bissau", "gy" => "Guyana", "hk" => "Hong Kong", "hm" => "Heard and McDonald Islands", "hn" => "Honduras", "hr" => "Croatia", "ht" => "Haiti", "hu" => "Hungary", "id" => "Indonesia", "ie" => "Ireland", "il" => "Israel", "in" => "India", "io" => "British Indian Ocean Territory", "iq" => "Iraq", "ir" => "Iran", "is" => "Iceland", "it" => "Italy", "jm" => "Jamaica", "jo" => "Jordan", "jp" => "Japan", "ke" => "Kenya", "kg" => "Kyrgyzstan", "kh" => "Cambodia", "ki" => "Kiribati", "km" => "Comoros", "kn" => "Saint Kitts and Nevis", "kp" => "North Korea", "kr" => "South Korea", "kw" => "Kuwait", "ky" => "Cayman Islands", "kz" => "Kazakhstan", "la" => "Laos", "lb" => "Lebanon", "lc" => "Saint Lucia", "li" => "Lichtenstein", "lk" => "Sri Lanka", "lr" => "Liberia", "ls" => "Lesotho", "lt" => "Lithuania", "lu" => "Luxembourg", "lv" => "Latvia", "ly" => "Libya", "ma" => "Morocco", "mc" => "Monaco", "md" => "Moldova Republic", "mg" => "Madagascar", "mh" => "Marshall Islands", "mk" => 'Macedonia, The Former Yugoslav Republic of', "ml" => "Mali", "mm" => "Myanmar", "mn" => "Mongolia", "mo" => "Macau", "mp" => "Northern Mariana Islands", "mq" => "Martinique", "mr" => "Mauritania", "ms" => "Montserrat", "mt" => "Malta", "mu" => "Mauritius", "mv" => "Maldives", "mw" => "Malawi", "mx" => "Mexico", "my" => "Malaysia", "mz" => "Mozambique", "na" => "Namibia", "nc" => "New Caledonia", "ne" => "Niger", "nf" => "Norfolk Island", "ng" => "Nigeria", "ni" => "Nicaragua", "nl" => "Netherlands", "no" => "Norway", "np" => "Nepal", "nr" => "Nauru", "nt" => "Neutral Zone", "nu" => "Niue", "nz" => "New Zealand", "om" => "Oman", "pa" => "Panama", "pe" => "Peru", "pf" => "French Polynesia", "pg" => "Papua New Guinea", "ph" => "Philippines", "pk" => "Pakistan", "pl" => "Poland", "pm" => "St. Pierre and Miquelon", "pn" => "Pitcairn", "pr" => "Puerto Rico", "pt" => "Portugal", "pw" => "Palau", "py" => "Paraguay", "qa" => 'Qatar', "re" => "Reunion", "ro" => "Romania", "ru" => "Russia", "rw" => "Rwanda", "sa" => "Saudi Arabia", "sb" => "Solomon Islands", "sc" => "Seychelles", "sd" => "Sudan", "se" => "Sweden", "sg" => "Singapore", "sh" => "St. Helena", "si" => "Slovenia", "sj" => "Svalbard and Jan Mayen Islands", "sk" => 'Slovakia (Slovak Republic)', "sl" => "Sierra Leone", "sm" => "San Marino", "sn" => "Senegal", "so" => "Somalia", "sr" => "Suriname", "st" => "Sao Tome and Principe", "sv" => "El Salvador", "sy" => "Syria", "sz" => "Swaziland", "tc" => "Turks and Caicos Islands", "td" => "Chad", "tf" => "French Southern Territories", "tg" => "Togo", "th" => "Thailand", "tj" => "Tajikistan", "tk" => "Tokelau", "tm" => "Turkmenistan", "tn" => "Tunisia", "to" => "Tonga", "tp" => "East Timor", "tr" => "Turkey", "tt" => "Trinidad, Tobago", "tv" => "Tuvalu", "tw" => "Taiwan", "tz" => "Tanzania", "ua" => "Ukraine", "ug" => "Uganda", "uk" => "United Kingdom", "um" => "United States Minor Islands", "us" => "United States of America", "uy" => "Uruguay", "uz" => "Uzbekistan", "va" => "Vatican City", "vc" => "Saint Vincent, Grenadines", "ve" => "Venezuela", "vg" => "Virgin Islands (British)", "vi" => "Virgin Islands (USA)", "vn" => "Viet Nam", "vu" => "Vanuatu", "wf" => 'Wallis and Futuna Islands', "ws" => "Samoa", "ye" => 'Yemen', "yt" => 'Mayotte', "yu" => "Yugoslavia", "za" => "South Africa", "zm" => "Zambia", "zr" => "Zaire", "zw" => "Zimbabwe" ); if (isset($CCodes[$countrycode])) { $Return = $CCodes[$countrycode]; } else { $this->ERROR = "is_country: Unrecognized country code [$countrycode]"; $Return = ""; } // make sure this monster is removed from memory unset($CCodes); return ($Return); } // end is_country } // End class ?>