Diffstat (limited to 'src/FormValidation.php')
-rw-r--r--src/FormValidation.php215
1 files changed, 0 insertions, 215 deletions
diff --git a/src/FormValidation.php b/src/FormValidation.php
deleted file mode 100644
index b3a3793..0000000
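--- a/src/FormValidation.php
+++ /dev/null
@@ -1,215 +0,0 @@
-<?php
-// src/FormValidation.php
-
-declare(strict_types=1);
-
-class FormValidation
-{
- private array $data; // tableau associatif (probablement $_POST)
- private string $validation_strategy; // à remplacer plus tard par un objet (pattern stratégie) d'interface ValidationStrategy
- private array $errors;
- private bool $validated = false;
-
- public function __construct(array $data, string $validation_strategy){
- $this->data = $data;
- $this->validation_strategy = $validation_strategy;
- }
-
- public function validate(): bool
- {
- $this->errors = [];
-
- // pattern stratégie en une seule classe
- switch($this->validation_strategy){
- // bloc formulaire de contact
- case 'email_send':
- $this->emailStrategy();
- break;
- case 'email_params': // paramètrage en mode admin
- $this->emailParamsStrategy();
- break;
-
- // formulaires pages spéciales
- case 'create_user':
- $this->createUserStrategy();
- break;
- case 'connection':
- $this->connectionStrategy();
- break;
- case 'username_update':
- $this->usernameUpdateStrategy();
- break;
- case 'password_update':
- $this->passwordUpdateStrategy();
- break;
-
- default:
- http_response_code(500); // c'est un peu comme jeter une exception
- echo json_encode(['success' => false, 'error' => 'server_error']);
- die;
- }
-
- $this->validated = true;
- return empty($this->errors);
- }
-
- public function getErrors(): array
- {
- return $this->errors;
- }
-
- public function getField(string $field): string
- {
- return $this->validated ? $this->data[$field] : '';
- }
-
- // méthodes de validation
- private function captchaValidate(bool $clean_session = true): void
- {
- $captcha_solution = (isset($_SESSION['captcha']) && is_int($_SESSION['captcha'])) ? $_SESSION['captcha'] : 0;
- $captcha_try = isset($this->data['captcha']) ? Captcha::controlInput($this->data['captcha']) : 0;
- if($clean_session){
- unset($_SESSION['captcha']);
- }
-
- if($captcha_try == 0){
- $error = 'error_non_valid_captcha';
- }
- elseif($captcha_solution == 0){ // ne peut pas arriver, si?
- $error = 'captcha_server_error';
- }
- elseif($captcha_try !== $captcha_solution){
- $this->errors[] = 'bad_solution_captcha';
- }
- }
-
- // erreurs à la création des mots de passe
- static private function removeSpacesTabsCRLF(string $chaine): string
- {
- $cibles = [' ', "\t", "\n", "\r"]; // doubles quotes !!
- return(str_replace($cibles, '', $chaine));
- }
-
-
- // stratégies
- private function emailStrategy(): void
- {
- $this->captchaValidate(false);
-
- if(!isset($this->data['name']) || empty($this->data['name'])
- || !isset($this->data['email']) || empty($this->data['email'])
- || !isset($this->data['message']) || empty($this->data['message'])
- || !isset($this->data['hidden']) || !empty($this->data['hidden'])){
- $this->errors[] = 'missing_fields';
- }
-
- elseif(!filter_var(trim($this->data['email']), FILTER_VALIDATE_EMAIL)){
- $this->errors[] = 'bad_email_address';
- }
-
- $this->data['name'] = htmlspecialchars(trim($this->data['name']));
- $this->data['email'] = htmlspecialchars(trim($this->data['email']));
- $this->data['message'] = htmlspecialchars($this->data['message']);
- }
- private function emailParamsStrategy(): void
- {
- if(!isset($this->data['id'], $this->data['what_param'], $this->data['value'], $this->data['hidden'])
- || !empty($this->data['hidden'])){
- $this->errors[] = 'missing_fields';
- }
-
- elseif($this->data['value'] !== ''){
- if(!in_array($this->data['what_param'], ['smtp_host', 'smtp_secure', 'smtp_username', 'smtp_password', 'email_dest'])){
- $this->errors[] = 'unknown_parameter';
- }
- elseif($this->data['what_param'] === 'smtp_username' || $this->data['what_param'] === 'email_dest'){
- if(!filter_var($this->data['value'], FILTER_VALIDATE_EMAIL)){
- $this->errors[] = 'invalide_email_address';
- }
- }
- }
-
- // htmlspecialchars exécutés à l'affichage dans FormBuilder
- }
- private function createUserStrategy(): void
- {
- $this->captchaValidate();
-
- // test mauvais paramètres
- if(!isset($this->data['login']) || empty($this->data['login'])
- || !isset($this->data['password']) || empty($this->data['password'])
- || !isset($this->data['password_confirmation']) || empty($this->data['password_confirmation'])
- || !isset($this->data['create_user_hidden']) || !empty($this->data['create_user_hidden']))
- {
- $this->errors[] = 'bad_login_or_password';
- }
-
- if($this->data['password'] !== $this->data['password_confirmation']){
- $this->errors[] = 'different_passwords';
- }
-
- if($this->data['login'] !== self::removeSpacesTabsCRLF(htmlspecialchars($this->data['login']))
- || $this->data['password'] !== self::removeSpacesTabsCRLF(htmlspecialchars($this->data['password']))){
- $this->errors[] = 'forbidden_characters';
- }
- }
- private function connectionStrategy(): void
- {
- $this->captchaValidate();
-
- if(!isset($this->data['login']) || empty($this->data['login'])
- || !isset($this->data['password']) || empty($this->data['password'])
- || !isset($this->data['connection_hidden']) || !empty($this->data['connection_hidden']))
- {
- $this->errors[] = 'bad_login_or_password';
- }
- }
- private function usernameUpdateStrategy(): void
- {
- $this->captchaValidate();
-
- if(!isset($this->data['login']) || empty($this->data['login'])
- || !isset($this->data['password']) || empty($this->data['password'])
- || !isset($this->data['new_login']) || empty($this->data['new_login'])
- || !isset($this->data['modify_username_hidden']) || !empty($this->data['modify_username_hidden']))
- {
- $this->errors[] = 'bad_login_or_password';
- }
-
- $new_login = self::removeSpacesTabsCRLF(htmlspecialchars($this->data['new_login']));
- if($new_login !== $this->data['new_login']){
- $this->errors[] = 'forbidden_characters';
- }
-
- if($this->data['login'] !== $_SESSION['user']){
- $this->errors[] = 'bad_login_or_password';
- }
- if($this->data['login'] === $new_login){
- $this->errors[] = 'same_username_as_before';
- }
- }
- private function passwordUpdateStrategy(): void
- {
- $this->captchaValidate();
-
- if(!isset($this->data['login']) || empty($this->data['login'])
- || !isset($this->data['password']) || empty($this->data['password'])
- || !isset($this->data['new_password']) || empty($this->data['new_password'])
- || !isset($this->data['modify_password_hidden']) || !empty($this->data['modify_password_hidden']))
- {
- $this->errors[] = 'bad_login_or_password';
- }
-
- $new_password = self::removeSpacesTabsCRLF(htmlspecialchars($this->data['new_password']));
- if($new_password !== $this->data['new_password']){
- $this->errors[] = 'forbidden_characters';
- }
-
- if($this->data['login'] !== $_SESSION['user']){
- $this->errors[] = 'bad_login_or_password';
- }
- if($this->data['password'] === $new_password){
- $this->errors[] = 'same_password_as_before';
- }
- }
-}
\ No newline at end of file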