Validation rules.
Class declared in SYSPATH/classes/kohana/valid.php on line 11.
Checks whether a string consists of alphabetical characters only.
string
$str
required - Input stringboolean
$utf8
= bool FALSE - Trigger UTF-8 compatibilityboolean
public
static
function
alpha(
$str
,
$utf8
= FALSE)
{
$str
= (string)
$str
;
if
(
$utf8
=== TRUE)
{
return
(bool) preg_match(
'/^\pL++$/uD'
,
$str
);
}
else
{
return
ctype_alpha(
$str
);
}
}
Checks whether a string consists of alphabetical characters, numbers, underscores and dashes only.
string
$str
required - Input stringboolean
$utf8
= bool FALSE - Trigger UTF-8 compatibilityboolean
public
static
function
alpha_dash(
$str
,
$utf8
= FALSE)
{
if
(
$utf8
=== TRUE)
{
$regex
=
'/^[-\pL\pN_]++$/uD'
;
}
else
{
$regex
=
'/^[-a-z0-9_]++$/iD'
;
}
return
(bool) preg_match(
$regex
,
$str
);
}
Checks whether a string consists of alphabetical characters and numbers only.
string
$str
required - Input stringboolean
$utf8
= bool FALSE - Trigger UTF-8 compatibilityboolean
public
static
function
alpha_numeric(
$str
,
$utf8
= FALSE)
{
if
(
$utf8
=== TRUE)
{
return
(bool) preg_match(
'/^[\pL\pN]++$/uD'
,
$str
);
}
else
{
return
ctype_alnum(
$str
);
}
}
Checks if a string is a proper hexadecimal HTML color value. The validation is quite flexible as it does not require an initial "#" and also allows for the short notation using only three instead of six hexadecimal characters.
string
$str
required - Input stringboolean
public
static
function
color(
$str
)
{
return
(bool) preg_match(
'/^#?+[0-9a-f]{3}(?:[0-9a-f]{3})?$/iD'
,
$str
);
}
Validates a credit card number, with a Luhn check if possible.
integer
$number
required - Credit card numberstring|array
$type
= NULL - Card type, or an array of card typesboolean
public
static
function
credit_card(
$number
,
$type
= NULL)
{
// Remove all non-digit characters from the number
if
((
$number
= preg_replace(
'/\D+/'
,
''
,
$number
)) ===
''
)
return
FALSE;
if
(
$type
== NULL)
{
// Use the default type
$type
=
'default'
;
}
elseif
(
is_array
(
$type
))
{
foreach
(
$type
as
$t
)
{
// Test each type for validity
if
(Valid::credit_card(
$number
,
$t
))
return
TRUE;
}
return
FALSE;
}
$cards
= Kohana::
$config
->load(
'credit_cards'
);
// Check card type
$type
=
strtolower
(
$type
);
if
( ! isset(
$cards
[
$type
]))
return
FALSE;
// Check card number length
$length
=
strlen
(
$number
);
// Validate the card length by the card type
if
( ! in_array(
$length
, preg_split(
'/\D+/'
,
$cards
[
$type
][
'length'
])))
return
FALSE;
// Check card number prefix
if
( ! preg_match(
'/^'
.
$cards
[
$type
][
'prefix'
].
'/'
,
$number
))
return
FALSE;
// No Luhn check required
if
(
$cards
[
$type
][
'luhn'
] == FALSE)
return
TRUE;
return
Valid::luhn(
$number
);
}
Tests if a string is a valid date string.
string
$str
required - Date to checkboolean
public
static
function
date
(
$str
)
{
return
(
strtotime
(
$str
) !== FALSE);
}
Checks if a string is a proper decimal format. Optionally, a specific number of digits can be checked too.
string
$str
required - Number to checkinteger
$places
= integer 2 - Number of decimal placesinteger
$digits
= NULL - Number of digitsboolean
public
static
function
decimal(
$str
,
$places
= 2,
$digits
= NULL)
{
if
(
$digits
> 0)
{
// Specific number of digits
$digits
=
'{'
.( (int)
$digits
).
'}'
;
}
else
{
// Any number of digits
$digits
=
'+'
;
}
// Get the decimal point for the current locale
list(
$decimal
) =
array_values
(localeconv());
return
(bool) preg_match(
'/^[+-]?[0-9]'
.
$digits
.preg_quote(
$decimal
).
'[0-9]{'
.( (int)
$places
).
'}$/D'
,
$str
);
}
Checks whether a string consists of digits only (no dots or dashes).
string
$str
required - Input stringboolean
$utf8
= bool FALSE - Trigger UTF-8 compatibilityboolean
public
static
function
digit(
$str
,
$utf8
= FALSE)
{
if
(
$utf8
=== TRUE)
{
return
(bool) preg_match(
'/^\pN++$/uD'
,
$str
);
}
else
{
return
(
is_int
(
$str
) AND
$str
>= 0) OR ctype_digit(
$str
);
}
}
Check an email address for correct format.
string
$email
required - Email addressboolean
$strict
= bool FALSE - Strict RFC compatibilityboolean
public
static
function
email(
,
$strict
= FALSE)
{
if
(UTF8::
strlen
(
) > 254)
{
return
FALSE;
}
if
(
$strict
=== TRUE)
{
$qtext
=
'[^\\x0d\\x22\\x5c\\x80-\\xff]'
;
$dtext
=
'[^\\x0d\\x5b-\\x5d\\x80-\\xff]'
;
$atom
=
'[^\\x00-\\x20\\x22\\x28\\x29\\x2c\\x2e\\x3a-\\x3c\\x3e\\x40\\x5b-\\x5d\\x7f-\\xff]+'
;
$pair
=
'\\x5c[\\x00-\\x7f]'
;
$domain_literal
=
"\\x5b($dtext|$pair)*\\x5d"
;
$quoted_string
=
"\\x22($qtext|$pair)*\\x22"
;
$sub_domain
=
"($atom|$domain_literal)"
;
$word
=
"($atom|$quoted_string)"
;
$domain
=
"$sub_domain(\\x2e$sub_domain)*"
;
$local_part
=
"$word(\\x2e$word)*"
;
$expression
=
"/^$local_part\\x40$domain$/D"
;
}
else
{
$expression
=
'/^[-_a-z0-9\'+*$^&%=~!?{}]++(?:\.[-_a-z0-9\'+*$^&%=~!?{}]+)*+@(?:(?![-.])[-a-z0-9.]+(?<![-.])\.[a-z]{2,6}|\d{1,3}(?:\.\d{1,3}){3})$/iD'
;
}
return
(bool) preg_match(
$expression
, (string)
);
}
Validate the domain of an email address by checking if the domain has a valid MX record.
string
$email
required - Email addressboolean
public
static
function
email_domain(
)
{
if
( ! Valid::not_empty(
))
return
FALSE;
// Empty fields cause issues with checkdnsrr()
// Check if the email domain has a valid MX record
return
(bool)
checkdnsrr
(preg_replace(
'/^[^@]++@/'
,
''
,
),
'MX'
);
}
Checks that a field is exactly the value required.
string
$value
required - Valuestring
$required
required - Required valueboolean
public
static
function
equals(
$value
,
$required
)
{
return
(
$value
===
$required
);
}
Checks that a field is exactly the right length.
string
$value
required - Valueinteger|array
$length
required - Exact length required, or array of valid lengthsboolean
public
static
function
exact_length(
$value
,
$length
)
{
if
(
is_array
(
$length
))
{
foreach
(
$length
as
$strlen
)
{
if
(UTF8::
strlen
(
$value
) ===
$strlen
)
return
TRUE;
}
return
FALSE;
}
return
UTF8::
strlen
(
$value
) ===
$length
;
}
Validate an IP.
string
$ip
required - IP addressboolean
$allow_private
= bool TRUE - Allow private IP networksboolean
public
static
function
ip(
$ip
,
$allow_private
= TRUE)
{
// Do not allow reserved addresses
$flags
= FILTER_FLAG_NO_RES_RANGE;
if
(
$allow_private
=== FALSE)
{
// Do not allow private or reserved addresses
$flags
=
$flags
| FILTER_FLAG_NO_PRIV_RANGE;
}
return
(bool) filter_var(
$ip
, FILTER_VALIDATE_IP,
$flags
);
}
Validate a number against the Luhn (mod10) formula.
string
$number
required - Number to checkboolean
public
static
function
luhn(
$number
)
{
// Force the value to be a string as this method uses string functions.
// Converting to an integer may pass PHP_INT_MAX and result in an error!
$number
= (string)
$number
;
if
( ! ctype_digit(
$number
))
{
// Luhn can only be used on numbers!
return
FALSE;
}
// Check number length
$length
=
strlen
(
$number
);
// Checksum of the card number
$checksum
= 0;
for
(
$i
=
$length
- 1;
$i
>= 0;
$i
-= 2)
{
// Add up every 2nd digit, starting from the right
$checksum
+=
substr
(
$number
,
$i
, 1);
}
for
(
$i
=
$length
- 2;
$i
>= 0;
$i
-= 2)
{
// Add up every 2nd digit doubled, starting from the right
$double
=
substr
(
$number
,
$i
, 1) * 2;
// Subtract 9 from the double where value is greater than 10
$checksum
+= (
$double
>= 10) ? (
$double
- 9) :
$double
;
}
// If the checksum is a multiple of 10, the number is valid
return
(
$checksum
% 10 === 0);
}
Checks if a field matches the value of another field.
array
$array
required - Array of valuesstring
$field
required - Field namestring
$match
required - Field name to matchboolean
public
static
function
matches(
$array
,
$field
,
$match
)
{
return
(
$array
[
$field
] ===
$array
[
$match
]);
}
Checks that a field is short enough.
string
$value
required - Valueinteger
$length
required - Maximum length requiredboolean
public
static
function
max_length(
$value
,
$length
)
{
return
UTF8::
strlen
(
$value
) <=
$length
;
}
Checks that a field is long enough.
string
$value
required - Valueinteger
$length
required - Minimum length requiredboolean
public
static
function
min_length(
$value
,
$length
)
{
return
UTF8::
strlen
(
$value
) >=
$length
;
}
Checks if a field is not empty.
boolean
public
static
function
not_empty(
$value
)
{
if
(
is_object
(
$value
) AND
$value
instanceof
ArrayObject)
{
// Get the array from the ArrayObject
$value
=
$value
->getArrayCopy();
}
// Value cannot be NULL, FALSE, '', or an empty array
return
! in_array(
$value
,
array
(NULL, FALSE,
''
,
array
()), TRUE);
}
Checks whether a string is a valid number (negative and decimal numbers allowed).
Uses {@link http://www.php.net/manual/en/function.localeconv.php locale conversion} to allow decimal point to be locale specific.
string
$str
required - Input stringboolean
public
static
function
numeric(
$str
)
{
// Get the decimal point for the current locale
list(
$decimal
) =
array_values
(localeconv());
// A lookahead is used to make sure the string contains at least one digit (before or after the decimal point)
return
(bool) preg_match(
'/^-?+(?=.*[0-9])[0-9]*+'
.preg_quote(
$decimal
).
'?+[0-9]*+$/D'
, (string)
$str
);
}
Checks if a phone number is valid.
string
$number
required - Phone number to checkarray
$lengths
= NULL - $lengthsboolean
public
static
function
phone(
$number
,
$lengths
= NULL)
{
if
( !
is_array
(
$lengths
))
{
$lengths
=
array
(7,10,11);
}
// Remove all non-digit characters from the number
$number
= preg_replace(
'/\D+/'
,
''
,
$number
);
// Check if the number is within range
return
in_array(
strlen
(
$number
),
$lengths
);
}
Tests if a number is within a range.
string
$number
required - Number to checkinteger
$min
required - Minimum valueinteger
$max
required - Maximum valueboolean
public
static
function
range(
$number
,
$min
,
$max
)
{
return
(
$number
>=
$min
AND
$number
<=
$max
);
}
Checks a field against a regular expression.
string
$value
required - Valuestring
$expression
required - Regular expression to match (including delimiters)boolean
public
static
function
regex(
$value
,
$expression
)
{
return
(bool) preg_match(
$expression
, (string)
$value
);
}
Validate a URL.
string
$url
required - URLboolean
public
static
function
url(
$url
)
{
// Based on http://www.apps.ietf.org/rfc/rfc1738.html#sec-5
if
( ! preg_match(
'~^
# scheme
[-a-z0-9+.]++:
//
# username:password (optional)
(?:
[-a-z0-9
$_
.+!*\'(),;?&=%]++ # username
(?::[-a-z0-9
$_
.+!*\'(),;?&=%]++)? # password (optional)
@
)?
(?:
# ip address
\d{1,3}+(?:\.\d{1,3}+){3}+
| #
or
# hostname (captured)
(
(?!-)[-a-z0-9]{1,63}+(?<!-)
(?:\.(?!-)[-a-z0-9]{1,63}+(?<!-)){0,126}+
)
)
# port (optional)
(?::\d{1,5}+)?
# path (optional)
(?:/.*)?
$~iDx',
$url
,
$matches
))
return
FALSE;
// We matched an IP address
if
( ! isset(
$matches
[1]))
return
TRUE;
// Check maximum length of the whole hostname
// http://en.wikipedia.org/wiki/Domain_name#cite_note-0
if
(
strlen
(
$matches
[1]) > 253)
return
FALSE;
// An extra check for the top level domain
// It must start with a letter
$tld
= ltrim(
substr
(
$matches
[1], (int)
strrpos
(
$matches
[1],
'.'
)),
'.'
);
return
ctype_alpha(
$tld
[0]);
}