Validation rules.
Class declared in SYSPATH/classes/Valid.php on line 3.
Checks whether a string consists of alphabetical characters only.
string
$str
required - Input string boolean
$utf8
= bool FALSE - Trigger UTF-8 compatibility boolean
public static function alpha($str, $utf8 = false)
{
$str = (string) $str;
if ($utf8 === true) {
return (bool) preg_match('/^\pL++$/uD', $str);
} else {
return ctype_alpha($str);
}
}
Checks whether a string consists of alphabetical characters, numbers, underscores and dashes only.
string
$str
required - Input string boolean
$utf8
= bool FALSE - Trigger UTF-8 compatibility boolean
public static function alpha_dash($str, $utf8 = false)
{
if ($utf8 === true) {
$regex = '/^[-\pL\pN_]++$/uD';
} else {
$regex = '/^[-a-z0-9_]++$/iD';
}
return (bool) preg_match($regex, $str);
}
Checks whether a string consists of alphabetical characters and numbers only.
string
$str
required - Input string boolean
$utf8
= bool FALSE - Trigger UTF-8 compatibility boolean
public static function alpha_numeric($str, $utf8 = false)
{
if ($utf8 === true) {
return (bool) preg_match('/^[\pL\pN]++$/uD', $str);
} else {
return ctype_alnum($str);
}
}
Checks if a string is a proper hexadecimal HTML color value. The validation is quite flexible as it does not require an initial "#" and also allows for the short notation using only three instead of six hexadecimal characters.
string
$str
required - Input string boolean
public static function color($str)
{
return (bool) preg_match('/^#?+[0-9a-f]{3}(?:[0-9a-f]{3})?$/iD', $str);
}
Validates a credit card number, with a Luhn check if possible.
integer
$number
required - Credit card number string|array
$type
= NULL - Card type, or an array of card types boolean
public static function credit_card($number, $type = null)
{
// Remove all non-digit characters from the number
if (($number = preg_replace('/\D+/', '', $number)) === '')
return false;
if ($type == null) {
// Use the default type
$type = 'default';
} elseif (is_array($type)) {
foreach ($type as $t) {
// Test each type for validity
if (Valid::credit_card($number, $t))
return true;
}
return false;
}
$cards = Kohana::$config->load('credit_cards');
// Check card type
$type = strtolower($type);
if (!isset($cards[$type]))
return false;
// Check card number length
$length = strlen($number);
// Validate the card length by the card type
if (!in_array($length, preg_split('/\D+/', $cards[$type]['length'])))
return false;
// Check card number prefix
if (!preg_match('/^' . $cards[$type]['prefix'] . '/', $number))
return false;
// No Luhn check required
if ($cards[$type]['luhn'] == false)
return true;
return Valid::luhn($number);
}
Tests if a string is a valid date string.
string
$str
required - Date to check boolean
public static function date($str)
{
return (strtotime($str) !== false);
}
Checks if a string is a proper decimal format. Optionally, a specific number of digits can be checked too.
string
$str
required - Number to check integer
$places
= integer 2 - Number of decimal places integer
$digits
= NULL - Number of digits boolean
public static function decimal($str, $places = 2, $digits = null)
{
if ($digits > 0) {
// Specific number of digits
$digits = '{' . ( (int) $digits) . '}';
} else {
// Any number of digits
$digits = '+';
}
// Get the decimal point for the current locale
list($decimal) = array_values(localeconv());
return (bool) preg_match('/^[+-]?[0-9]' . $digits . preg_quote($decimal) . '[0-9]{' . ( (int) $places) . '}$/D', $str);
}
Checks whether a string consists of digits only (no dots or dashes).
string
$str
required - Input string boolean
$utf8
= bool FALSE - Trigger UTF-8 compatibility boolean
public static function digit($str, $utf8 = false)
{
if ($utf8 === true) {
return (bool) preg_match('/^\pN++$/uD', $str);
} else {
return (is_int($str) AND $str >= 0) OR ctype_digit($str);
}
}
Check an email address for correct format.
string
$email
required - Email address boolean
$strict
= bool FALSE - Strict RFC compatibility boolean
public static function email($email, $strict = false)
{
if (UTF8::strlen($email) > 254) {
return false;
}
if ($strict === true) {
$qtext = '[^\\x0d\\x22\\x5c\\x80-\\xff]';
$dtext = '[^\\x0d\\x5b-\\x5d\\x80-\\xff]';
$atom = '[^\\x00-\\x20\\x22\\x28\\x29\\x2c\\x2e\\x3a-\\x3c\\x3e\\x40\\x5b-\\x5d\\x7f-\\xff]+';
$pair = '\\x5c[\\x00-\\x7f]';
$domain_literal = "\\x5b($dtext|$pair)*\\x5d";
$quoted_string = "\\x22($qtext|$pair)*\\x22";
$sub_domain = "($atom|$domain_literal)";
$word = "($atom|$quoted_string)";
$domain = "$sub_domain(\\x2e$sub_domain)*";
$local_part = "$word(\\x2e$word)*";
$expression = "/^$local_part\\x40$domain$/D";
} else {
$expression = '/^[-_a-z0-9\'+*$^&%=~!?{}]++(?:\.[-_a-z0-9\'+*$^&%=~!?{}]+)*+@(?:(?![-.])[-a-z0-9.]+(?<![-.])\.[a-z]{2,6}|\d{1,3}(?:\.\d{1,3}){3})$/iD';
}
return (bool) preg_match($expression, (string) $email);
}
Validate the domain of an email address by checking if the domain has a valid MX record.
string
$email
required - Email address boolean
public static function email_domain($email)
{
if (!Valid::not_empty($email))
return false; // Empty fields cause issues with checkdnsrr()
heck if the email domain has a valid MX record
return (bool) checkdnsrr(preg_replace('/^[^@]++@/', '', $email), 'MX');
}
Checks that a field is exactly the value required.
string
$value
required - Value string
$required
required - Required value boolean
public static function equals($value, $required)
{
return ($value === $required);
}
Checks that a field is exactly the right length.
string
$value
required - Value integer|array
$length
required - Exact length required, or array of valid lengths boolean
public static function exact_length($value, $length)
{
if (is_array($length)) {
foreach ($length as $strlen) {
if (UTF8::strlen($value) === $strlen)
return true;
}
return false;
}
return UTF8::strlen($value) === $length;
}
Validate an IP.
string
$ip
required - IP address boolean
$allow_private
= bool TRUE - Allow private IP networks boolean
public static function ip($ip, $allow_private = true)
{
// Do not allow reserved addresses
$flags = FILTER_FLAG_NO_RES_RANGE;
if ($allow_private === false) {
// Do not allow private or reserved addresses
$flags = $flags | FILTER_FLAG_NO_PRIV_RANGE;
}
return (bool) filter_var($ip, FILTER_VALIDATE_IP, $flags);
}
Validate a number against the Luhn (mod10) formula.
string
$number
required - Number to check boolean
public static function luhn($number)
{
// Force the value to be a string as this method uses string functions.
// Converting to an integer may pass PHP_INT_MAX and result in an error!
$number = (string) $number;
if (!ctype_digit($number)) {
// Luhn can only be used on numbers!
return false;
}
// Check number length
$length = strlen($number);
// Checksum of the card number
$checksum = 0;
for ($i = $length - 1; $i >= 0; $i -= 2) {
// Add up every 2nd digit, starting from the right
$checksum += substr($number, $i, 1);
}
for ($i = $length - 2; $i >= 0; $i -= 2) {
// Add up every 2nd digit doubled, starting from the right
$double = substr($number, $i, 1) * 2;
// Subtract 9 from the double where value is greater than 10
$checksum += ($double >= 10) ? ($double - 9) : $double;
}
// If the checksum is a multiple of 10, the number is valid
return ($checksum % 10 === 0);
}
Checks if a field matches the value of another field.
array
$array
required - Array of values string
$field
required - Field name string
$match
required - Field name to match boolean
public static function matches($array, $field, $match)
{
return ($array[$field] === $array[$match]);
}
Checks that a field is short enough.
string
$value
required - Value integer
$length
required - Maximum length required boolean
public static function max_length($value, $length)
{
return UTF8::strlen($value) <= $length;
}
Checks that a field is long enough.
string
$value
required - Value integer
$length
required - Minimum length required boolean
public static function min_length($value, $length)
{
return UTF8::strlen($value) >= $length;
}
Checks if a field is not empty.
boolean
public static function not_empty($value)
{
if (is_object($value) AND $value instanceof ArrayObject) {
// Get the array from the ArrayObject
$value = $value->getArrayCopy();
}
// Value cannot be null, false, '', or an empty array
return !in_array($value, [null, false, '', []], true);
}
Checks whether a string is a valid number (negative and decimal numbers allowed).
Uses {@link http://www.php.net/manual/en/function.localeconv.php locale conversion} to allow decimal point to be locale specific.
string
$str
required - Input string boolean
public static function numeric($str)
{
// Get the decimal point for the current locale
list($decimal) = array_values(localeconv());
// A lookahead is used to make sure the string contains at least one digit (before or after the decimal point)
return (bool) preg_match('/^-?+(?=.*[0-9])[0-9]*+' . preg_quote($decimal) . '?+[0-9]*+$/D', (string) $str);
}
Checks if a phone number is valid.
string
$number
required - Phone number to check array
$lengths
= NULL - $lengths boolean
public static function phone($number, $lengths = null)
{
if (!is_array($lengths)) {
$lengths = [7, 10, 11];
}
// Remove all non-digit characters from the number
$number = preg_replace('/\D+/', '', $number);
// Check if the number is within range
return in_array(strlen($number), $lengths);
}
Tests if a number is within a range.
string
$number
required - Number to check integer
$min
required - Minimum value integer
$max
required - Maximum value integer
$step
= NULL - Increment size boolean
public static function range($number, $min, $max, $step = null)
{
if ($number < $min OR $number > $max) {
// Number is outside of range
return false;
}
if (!$step) {
// Default to steps of 1
$step = 1;
}
// Check step requirements
return (($number - $min) % $step === 0);
}
Checks a field against a regular expression.
string
$value
required - Value string
$expression
required - Regular expression to match (including delimiters) boolean
public static function regex($value, $expression)
{
return (bool) preg_match($expression, (string) $value);
}
Validate a URL.
string
$url
required - URL boolean
public static function url($url)
{
// Based on http://www.apps.ietf.org/rfc/rfc1738.html#sec-5
if (!preg_match(
'~^
scheme
-a-z0-9+.]++://
username:password (optional)
?:
[-a-z0-9$_.+!*\'(),;?&=%]++ # username
(?::[-a-z0-9$_.+!*\'(),;?&=%]++)? # password (optional)
@
?
?:
# ip address
\d{1,3}+(?:\.\d{1,3}+){3}+
| # or
# hostname (captured)
(
(?!-)[-a-z0-9]{1,63}+(?<!-)
(?:\.(?!-)[-a-z0-9]{1,63}+(?<!-)){0,126}+
)
port (optional)
?::\d{1,5}+)?
path (optional)
?:/.*)?
~iDx', $url, $matches))
return false;
// We matched an IP address
if (!isset($matches[1]))
return true;
// Check maximum length of the whole hostname
// http://en.wikipedia.org/wiki/Domain_name#cite_note-0
if (strlen($matches[1]) > 253)
return false;
// An extra check for the top level domain
// It must start with a letter
$tld = ltrim(substr($matches[1], (int) strrpos($matches[1], '.')), '.');
return ctype_alpha($tld[0]);
}