#862 escapeValue()에서 foreach로 처리되도록 수정

akasima 2014-07-25 18:27:59 +09:00
parent 791149f029
commit 26427a8967


@ -1,398 +1,396 @@
<?php <?php
/* Copyright (C) NAVER <http://www.navercorp.com> */ /* Copyright (C) NAVER <http://www.navercorp.com> */
/** /**
* Argument class * Argument class
* @author NAVER (developers@xpressengine.com) * @author NAVER (developers@xpressengine.com)
* @package /classes/xml/xmlquery/argument * @package /classes/xml/xmlquery/argument
* @version 0.1 * @version 0.1
*/ */
class Argument class Argument
{ {
/** /**
* argument value * argument value
* @var mixed * @var mixed
*/ */
var $value; var $value;
/** /**
* argument name * argument name
* @var string * @var string
*/ */
var $name; var $name;
/** /**
* argument type * argument type
* @var string * @var string
*/ */
var $type; var $type;
/** /**
* result of argument type check * result of argument type check
* @var bool * @var bool
*/ */
var $isValid; var $isValid;
/** /**
* error message * error message
* @var Object * @var Object
*/ */
var $errorMessage; var $errorMessage;
/** /**
* column operation * column operation
*/ */
var $column_operation; var $column_operation;
/** /**
* Check if arg value is user submnitted or default * Check if arg value is user submnitted or default
* @var mixed * @var mixed
*/ */
var $uses_default_value; var $uses_default_value;
/** /**
* Caches escaped and toString value so that the parsing won't happen multiple times * Caches escaped and toString value so that the parsing won't happen multiple times
* @var mixed * @var mixed
*/ */
var $_value; // var $_value; //
/** /**
* constructor * constructor
* @param string $name * @param string $name
* @param mixed $value * @param mixed $value
* @return void * @return void
*/ */
function Argument($name, $value) function Argument($name, $value)
{ {
$this->value = $value; $this->value = $value;
$this->name = $name; $this->name = $name;
$this->isValid = TRUE; $this->isValid = TRUE;
} }
function getType() function getType()
{ {
if(isset($this->type)) if(isset($this->type))
{ {
return $this->type; return $this->type;
} }
if(is_string($this->value)) if(is_string($this->value))
{ {
return 'column_name'; return 'column_name';
} }
return 'number'; return 'number';
} }
function setColumnType($value) function setColumnType($value)
{ {
$this->type = $value; $this->type = $value;
} }
function setColumnOperation($operation) function setColumnOperation($operation)
{ {
$this->column_operation = $operation; $this->column_operation = $operation;
} }
function getName() function getName()
{ {
return $this->name; return $this->name;
} }
function getValue() function getValue()
{ {
if(!isset($this->_value)) if(!isset($this->_value))
{ {
$value = $this->getEscapedValue(); $value = $this->getEscapedValue();
$this->_value = $this->toString($value); $this->_value = $this->toString($value);
} }
return $this->_value; return $this->_value;
} }
function getPureValue() function getPureValue()
{ {
return $this->value; return $this->value;
} }
function getColumnOperation() function getColumnOperation()
{ {
return $this->column_operation; return $this->column_operation;
} }
function getEscapedValue() function getEscapedValue()
{ {
return $this->escapeValue($this->value); return $this->escapeValue($this->value);
} }
function getUnescapedValue() function getUnescapedValue()
{ {
if($this->value === 'null') if($this->value === 'null')
{ {
return null; return null;
} }
return $this->value; return $this->value;
} }
/** /**
* mixed value to string * mixed value to string
* @param mixed $value * @param mixed $value
* @return string * @return string
*/ */
function toString($value) function toString($value)
{ {
if(is_array($value)) if(is_array($value))
{ {
if(count($value) === 0) if(count($value) === 0)
{ {
return ''; return '';
} }
if(count($value) === 1 && $value[0] === '') if(count($value) === 1 && $value[0] === '')
{ {
return ''; return '';
} }
return '(' . implode(',', $value) . ')'; return '(' . implode(',', $value) . ')';
} }
return $value; return $value;
} }
/** /**
* escape value * escape value
* @param mixed $value * @param mixed $value
* @return mixed * @return mixed
*/ */
function escapeValue($value) function escapeValue($value)
{ {
$column_type = $this->getType(); $column_type = $this->getType();
if($column_type == 'column_name') if($column_type == 'column_name')
{ {
$dbParser = DB::getParser(); $dbParser = DB::getParser();
return $dbParser->parseExpression($value); return $dbParser->parseExpression($value);
} }
if(!isset($value)) if(!isset($value))
{ {
return null; return null;
} }
$columnTypeList = array('date' => 1, 'varchar' => 1, 'char' => 1, 'text' => 1, 'bigtext' => 1); $columnTypeList = array('date' => 1, 'varchar' => 1, 'char' => 1, 'text' => 1, 'bigtext' => 1);
if(isset($columnTypeList[$column_type])) if(isset($columnTypeList[$column_type]))
{ {
if(!is_array($value)) if(!is_array($value))
{ {
$value = $this->_escapeStringValue($value); $value = $this->_escapeStringValue($value);
} }
else else
{ {
$total = count($value); foreach($value as $key=>$val)
for($i = 0; $i < $total; $i++) {
{ $value[$key] = $this->_escapeStringValue($val);
$value[$i] = $this->_escapeStringValue($value[$i]); }
} }
//$value[$i] = '\''.$value[$i].'\''; }
} if($this->uses_default_value)
} {
if($this->uses_default_value) return $value;
{ }
return $value; if($column_type == 'number')
} {
if($column_type == 'number') if(is_array($value))
{ {
if(is_array($value)) foreach($value AS $key => $val)
{ {
foreach($value AS $key => $val) if(isset($val) && $val !== '')
{ {
if(isset($val) && $val !== '') $value[$key] = (int) $val;
{ }
$value[$key] = (int) $val; }
} }
} else
} {
else $value = (int) $value;
{ }
$value = (int) $value; }
}
} return $value;
}
return $value;
} /**
* escape string value
/** * @param string $value
* escape string value * @return string
* @param string $value */
* @return string function _escapeStringValue($value)
*/ {
function _escapeStringValue($value) // Remove non-utf8 chars.
{ $regex = '@((?:[\x00-\x7F]|[\xC0-\xDF][\x80-\xBF]|[\xE0-\xEF][\x80-\xBF]{2}){1,100})|([\xF0-\xF7][\x80-\xBF]{3})|([\x80-\xBF])|([\xC0-\xFF])@x';
// Remove non-utf8 chars.
$regex = '@((?:[\x00-\x7F]|[\xC0-\xDF][\x80-\xBF]|[\xE0-\xEF][\x80-\xBF]{2}){1,100})|([\xF0-\xF7][\x80-\xBF]{3})|([\x80-\xBF])|([\xC0-\xFF])@x'; $value = preg_replace_callback($regex, array($this, 'utf8Replacer'), $value);
$db = DB::getInstance();
$value = preg_replace_callback($regex, array($this, 'utf8Replacer'), $value); $value = $db->addQuotes($value);
$db = DB::getInstance(); return '\'' . $value . '\'';
$value = $db->addQuotes($value); }
return '\'' . $value . '\'';
} function utf8Replacer($captures)
{
function utf8Replacer($captures) if(strlen($captures[1]))
{ {
if(strlen($captures[1])) // Valid byte sequence. Return unmodified.
{ return $captures[1];
// Valid byte sequence. Return unmodified. }
return $captures[1]; else if(strlen($captures[2]))
} {
else if(strlen($captures[2])) // Remove user defined area
{ if("\xF3\xB0\x80\x80" <= $captures[2])
// Remove user defined area {
if("\xF3\xB0\x80\x80" <= $captures[2]) return;
{ }
return;
} return $captures[2];
}
return $captures[2]; else
} {
else return;
{ }
return; }
}
} function isValid()
{
function isValid() return $this->isValid;
{ }
return $this->isValid;
} function isColumnName()
{
function isColumnName() $type = $this->getType();
{ $value = $this->getUnescapedValue();
$type = $this->getType(); if($type == 'column_name')
$value = $this->getUnescapedValue(); {
if($type == 'column_name') return TRUE;
{ }
return TRUE; if($type == 'number' && is_null($value))
} {
if($type == 'number' && is_null($value)) return FALSE;
{ }
return FALSE; if($type == 'number' && !is_numeric($value) && $this->uses_default_value)
} {
if($type == 'number' && !is_numeric($value) && $this->uses_default_value) return TRUE;
{ }
return TRUE; return FALSE;
} }
return FALSE;
} function getErrorMessage()
{
function getErrorMessage() return $this->errorMessage;
{ }
return $this->errorMessage;
} function ensureDefaultValue($default_value)
{
function ensureDefaultValue($default_value) if($this->value === NULL || $this->value === '')
{ {
if($this->value === NULL || $this->value === '') $this->value = $default_value;
{ $this->uses_default_value = TRUE;
$this->value = $default_value; }
$this->uses_default_value = TRUE; }
}
} /**
* check filter by filter type
/** * @param string $filter_type
* check filter by filter type * @return void
* @param string $filter_type */
* @return void function checkFilter($filter_type)
*/ {
function checkFilter($filter_type) if(isset($this->value) && $this->value != '')
{ {
if(isset($this->value) && $this->value != '') global $lang;
{ $val = $this->value;
global $lang; $key = $this->name;
$val = $this->value; switch($filter_type)
$key = $this->name; {
switch($filter_type) case 'email' :
{ case 'email_address' :
case 'email' : if(!preg_match('/^[\w-]+((?:\.|\+|\~)[\w-]+)*@[\w-]+(\.[\w-]+)+$/is', $val))
case 'email_address' : {
if(!preg_match('/^[\w-]+((?:\.|\+|\~)[\w-]+)*@[\w-]+(\.[\w-]+)+$/is', $val)) $this->isValid = FALSE;
{ $this->errorMessage = new Object(-1, sprintf($lang->filter->invalid_email, $lang->{$key} ? $lang->{$key} : $key));
$this->isValid = FALSE; }
$this->errorMessage = new Object(-1, sprintf($lang->filter->invalid_email, $lang->{$key} ? $lang->{$key} : $key)); break;
} case 'homepage' :
break; if(!preg_match('/^(http|https)+(:\/\/)+[0-9a-z_-]+\.[^ ]+$/is', $val))
case 'homepage' : {
if(!preg_match('/^(http|https)+(:\/\/)+[0-9a-z_-]+\.[^ ]+$/is', $val)) $this->isValid = FALSE;
{ $this->errorMessage = new Object(-1, sprintf($lang->filter->invalid_homepage, $lang->{$key} ? $lang->{$key} : $key));
$this->isValid = FALSE; }
$this->errorMessage = new Object(-1, sprintf($lang->filter->invalid_homepage, $lang->{$key} ? $lang->{$key} : $key)); break;
} case 'userid' :
break; case 'user_id' :
case 'userid' : if(!preg_match('/^[a-zA-Z]+([_0-9a-zA-Z]+)*$/is', $val))
case 'user_id' : {
if(!preg_match('/^[a-zA-Z]+([_0-9a-zA-Z]+)*$/is', $val)) $this->isValid = FALSE;
{ $this->errorMessage = new Object(-1, sprintf($lang->filter->invalid_userid, $lang->{$key} ? $lang->{$key} : $key));
$this->isValid = FALSE; }
$this->errorMessage = new Object(-1, sprintf($lang->filter->invalid_userid, $lang->{$key} ? $lang->{$key} : $key)); break;
} case 'number' :
break; case 'numbers' :
case 'number' : if(is_array($val))
case 'numbers' : {
if(is_array($val)) $val = join(',', $val);
{ }
$val = join(',', $val); if(!preg_match('/^(-?)[0-9]+(,\-?[0-9]+)*$/is', $val))
} {
if(!preg_match('/^(-?)[0-9]+(,\-?[0-9]+)*$/is', $val)) $this->isValid = FALSE;
{ $this->errorMessage = new Object(-1, sprintf($lang->filter->invalid_number, $lang->{$key} ? $lang->{$key} : $key));
$this->isValid = FALSE; }
$this->errorMessage = new Object(-1, sprintf($lang->filter->invalid_number, $lang->{$key} ? $lang->{$key} : $key)); break;
} case 'alpha' :
break; if(!preg_match('/^[a-z]+$/is', $val))
case 'alpha' : {
if(!preg_match('/^[a-z]+$/is', $val)) $this->isValid = FALSE;
{ $this->errorMessage = new Object(-1, sprintf($lang->filter->invalid_alpha, $lang->{$key} ? $lang->{$key} : $key));
$this->isValid = FALSE; }
$this->errorMessage = new Object(-1, sprintf($lang->filter->invalid_alpha, $lang->{$key} ? $lang->{$key} : $key)); break;
} case 'alpha_number' :
break; if(!preg_match('/^[0-9a-z]+$/is', $val))
case 'alpha_number' : {
if(!preg_match('/^[0-9a-z]+$/is', $val)) $this->isValid = FALSE;
{ $this->errorMessage = new Object(-1, sprintf($lang->filter->invalid_alpha_number, $lang->{$key} ? $lang->{$key} : $key));
$this->isValid = FALSE; }
$this->errorMessage = new Object(-1, sprintf($lang->filter->invalid_alpha_number, $lang->{$key} ? $lang->{$key} : $key)); break;
} }
break; }
} }
}
} function checkMaxLength($length)
{
function checkMaxLength($length) if($this->value && (strlen($this->value) > $length))
{ {
if($this->value && (strlen($this->value) > $length)) global $lang;
{ $this->isValid = FALSE;
global $lang; $key = $this->name;
$this->isValid = FALSE; $this->errorMessage = new Object(-1, sprintf($lang->filter->outofrange, $lang->{$key} ? $lang->{$key} : $key));
$key = $this->name; }
$this->errorMessage = new Object(-1, sprintf($lang->filter->outofrange, $lang->{$key} ? $lang->{$key} : $key)); }
}
} function checkMinLength($length)
{
function checkMinLength($length) if($this->value && (strlen($this->value) < $length))
{ {
if($this->value && (strlen($this->value) < $length)) global $lang;
{ $this->isValid = FALSE;
global $lang; $key = $this->name;
$this->isValid = FALSE; $this->errorMessage = new Object(-1, sprintf($lang->filter->outofrange, $lang->{$key} ? $lang->{$key} : $key));
$key = $this->name; }
$this->errorMessage = new Object(-1, sprintf($lang->filter->outofrange, $lang->{$key} ? $lang->{$key} : $key)); }
}
} function checkNotNull()
{
function checkNotNull() if(!isset($this->value))
{ {
if(!isset($this->value)) global $lang;
{ $this->isValid = FALSE;
global $lang; $key = $this->name;
$this->isValid = FALSE; $this->errorMessage = new Object(-1, sprintf($lang->filter->isnull, $lang->{$key} ? $lang->{$key} : $key));
$key = $this->name; }
$this->errorMessage = new Object(-1, sprintf($lang->filter->isnull, $lang->{$key} ? $lang->{$key} : $key)); }
}
} }
/* End of file Argument.class.php */
} /* Location: ./classes/xml/xmlquery/argument/Argument.class.php */
/* End of file Argument.class.php */
/* Location: ./classes/xml/xmlquery/argument/Argument.class.php */
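Review bot: In escapeValue(), a value whose column type is neither in `$columnTypeList` nor `'number'` still falls through to the final `return $value;` without quoting or casting, and the new key-based `foreach` does not cover that path. If the query schema declares any type beyond the six handled here (none is visible on this page), scalar or array input for it would reach the SQL string exactly as submitted. Consider treating every non-number type as a string by replacing the list test with `if($column_type != 'number')`, provided no type has to stay unquoted. Failing that, document the gap above the list with a comment such as `// Types not listed here and not 'number' are returned unescaped; never pass request data for them.`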