Révision e68abb6a
Ajouté par Jocelyn Delande il y a presque 11 ans
ajax/add_reference.php | ||
---|---|---|
1 |
<?php |
|
2 |
require_once('../class/FormValidator.class.php'); |
|
3 |
require_once('../class/RefPoint.class.php'); |
|
4 |
require_once('../class/site_point.class.php'); |
|
5 |
|
|
6 |
$fields_spec = array('x' => array('required', 'numeric', 'positive'), |
|
7 |
'y' => array('required', 'numeric', 'positive'), |
|
8 |
'panorama' => array('required'), |
|
9 |
'ref_point' => array('required')); |
|
10 |
|
|
11 |
|
|
12 |
$validator = new FormValidator($fields_spec); |
|
13 |
if ($validator->validate($_REQUEST)) { |
|
14 |
$vals = $validator->sane_values(); |
|
15 |
|
|
16 |
// temp test code |
|
17 |
echo '<h1>pano !</h1>'; |
|
18 |
$pano = site_point::get($vals['panorama']); |
|
19 |
var_dump($pano->get_params()); |
|
20 |
|
|
21 |
echo '<h1>ref point !</h1>'; |
|
22 |
$ref_point_name = urldecode($vals['ref_point']); |
|
23 |
var_dump(RefPoint::get($ref_point_name)); |
|
24 |
|
|
25 |
} else { |
|
26 |
echo var_dump($validator->errors()); |
|
27 |
} |
|
28 |
|
|
29 |
// Test url : clear ;curl 'http://localhost/~jocelyn/panorama/ajax/add_reference.php?x=42&y=42&panorama=pano_couttolenc_bords_jointifs&ref_point=%C3%89glise%20saint-jacques' |
|
30 |
?> |
class/FormValidator.class.php | ||
---|---|---|
1 |
<?php |
|
2 |
|
|
3 |
class FieldValidationError extends Exception {} |
|
4 |
|
|
5 |
class FormValidator { |
|
6 |
/* A tool to validate the parameters of a request (GET/POST) against a set |
|
7 |
* of rules. |
|
8 |
* |
|
9 |
**/ |
|
10 |
private $errors; |
|
11 |
private $sanitized; |
|
12 |
public static $validator; |
|
13 |
public static $field_validators; |
|
14 |
private $format; |
|
15 |
|
|
16 |
public function __construct($format) { |
|
17 |
$this->errors = array(); |
|
18 |
$this->sanitized = array(); |
|
19 |
$this->format = $format; |
|
20 |
} |
|
21 |
|
|
22 |
public function validate($request) { |
|
23 |
/** Validate the given request |
|
24 |
* value dict against the validator rules. |
|
25 |
* |
|
26 |
* @param $request a dict like $_REQUEST, $_GET or $_POST |
|
27 |
* @returns true if valid, false else. |
|
28 |
*/ |
|
29 |
$this->errors = array(); |
|
30 |
$sanitized = array(); |
|
31 |
foreach($this->format as $fieldname => $validators) { |
|
32 |
$err = false; |
|
33 |
$sanitized_f = false; |
|
34 |
foreach($validators as $validator) { |
|
35 |
if ($validator == 'required') { |
|
36 |
if (! isset($request[$fieldname])) { |
|
37 |
$err = 'n\'est pas renseigné'; |
|
38 |
break; |
|
39 |
} else { |
|
40 |
$sanitized_f = $request[$fieldname]; |
|
41 |
} |
|
42 |
} else { |
|
43 |
$val = $request[$fieldname]; |
|
44 |
try { |
|
45 |
$sanitized_f = $this->validate_field($validator, $val); |
|
46 |
} catch (FieldValidationError $e) { |
|
47 |
$err = $e->getMessage(); |
|
48 |
break; |
|
49 |
} |
|
50 |
} |
|
51 |
} |
|
52 |
if ($err) { |
|
53 |
$this->errors[$fieldname] = $err; |
|
54 |
} else { |
|
55 |
$sanitized[$fieldname] = $sanitized_f; |
|
56 |
} |
|
57 |
} |
|
58 |
$this->sanitized = $sanitized; |
|
59 |
|
|
60 |
return ($err == false); |
|
61 |
} |
|
62 |
|
|
63 |
public function validate_field($validator, $content) { |
|
64 |
/** Returns sanitized value if ok, throws a FieldValidationError otherwise |
|
65 |
*/ |
|
66 |
if (isset(self::$field_validators[$validator])) { |
|
67 |
$f = self::$field_validators[$validator]; |
|
68 |
return $f($content); |
|
69 |
} else { |
|
70 |
throw new FieldValidationError("'$validator' validator does not exist"); |
|
71 |
} |
|
72 |
} |
|
73 |
|
|
74 |
public function errors() { |
|
75 |
/** An associative array form-key => error |
|
76 |
*/ |
|
77 |
return $this->errors; |
|
78 |
} |
|
79 |
|
|
80 |
public function sane_values() { |
|
81 |
return $this->sanitized; |
|
82 |
} |
|
83 |
|
|
84 |
public static function register($name, $function) { |
|
85 |
self::$field_validators[$name] = $function; |
|
86 |
} |
|
87 |
} |
|
88 |
FormValidator::$field_validators = array(); |
|
89 |
|
|
90 |
|
|
91 |
FormValidator::register( |
|
92 |
'numeric', |
|
93 |
function ($v) { |
|
94 |
$sanitized = floatval($v); |
|
95 |
if ($sanitized === false) { |
|
96 |
throw new FieldValidationError('n\'est pas une valeur numérique'); |
|
97 |
} else { |
|
98 |
return $sanitized; |
|
99 |
} |
|
100 |
} |
|
101 |
); |
|
102 |
|
|
103 |
FormValidator::register( |
|
104 |
'positive', |
|
105 |
function ($v) { |
|
106 |
if ($v < 0) { |
|
107 |
throw new FieldValidationError('est négatif'); |
|
108 |
} else { |
|
109 |
return floatval($v); |
|
110 |
} |
|
111 |
} |
|
112 |
); |
|
113 |
|
|
114 |
?> |
class/RefPoint.class.php | ||
---|---|---|
1 |
<?php |
|
2 |
require_once(dirname(__FILE__).'/../constants.inc.php'); |
|
3 |
|
|
4 |
// |
|
5 |
class RefPoint { |
|
6 |
static $all_ref_points_cache; |
|
7 |
|
|
8 |
public static function load_if_needed() { |
|
9 |
if (!isset(self::$all_ref_points_cache)) { |
|
10 |
$ref_points_filename = '../ref_points.local.php'; |
|
11 |
if (file_exists($ref_points_filename)) { |
|
12 |
require($ref_points_filename); |
|
13 |
self::$all_ref_points_cache = $ref_points; |
|
14 |
return $ref_points; |
|
15 |
} else { |
|
16 |
return array(); |
|
17 |
} |
|
18 |
} |
|
19 |
return self::$all_ref_points_cache; |
|
20 |
} |
|
21 |
|
|
22 |
public static function get($name) { |
|
23 |
self::load_if_needed(); |
|
24 |
return self::$all_ref_points_cache[$name]; |
|
25 |
} |
|
26 |
|
|
27 |
} |
|
28 |
?> |
Formats disponibles : Unified diff
first steps of add_reference.php webservice : input validation/sanitization and RefPoint class