<?
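class Lib_FormValidation extends Lib_Validation_Handler
{
    // Default user-facing messages; the validators prepend a "Field => " label to them.
    public $nullmessage;
    public $urlmessage;
    public $emailmessage;
    public $spcharmessage;
    public $imagemessage;
    public $numbermessage;
    public $limitmessage;
    public $duplicatemessage;
    public $formatmessage;
    public $alphamessage;
    public $optionmessage;
    public $uploadmessage;
    public $numericstart;

    // Form key handed to the constructor => validator method that runs for it.
    // Replaces the original if/else-if chain (same keys, same targets, strict lookup).
    private static $dispatch = array(
        'validatelogin'         => 'validatelogin',
        'validateAddcategories' => 'validateAddcategories',
        'insertmember'          => 'validateInsertmember',
        'verify'                => 'validateverify',
        'sitesettings'          => 'validateSitesettings',
        'addnews'               => 'validateAddNews',
        'editnews'              => 'validateEditNews',
        'adduser'               => 'validateInsertUser',
        'edituser'              => 'validateEditUser',
        'changepassword'        => 'validateChangePassword',
        'addvideo'              => 'validateAddVideo',
        'editvideo'             => 'validateEditVideo',
        'addsubadmin'           => 'validateAddSubAdmin',
        'editsubadmin'          => 'validateEditSubAdmin',
    );

    /**
     * Initialise the default messages and run the validator selected by $form.
     *
     * @param string $form  one of the keys of self::$dispatch; any other value runs
     *                      no validator, exactly like the original if/else chain.
     */
    public function __construct($form)
    {
        $this->nullmessage   = "Please enter this information";
        $this->emailmessage  = "Please Provide a Valid Email Id";
        $this->alphamessage  = "Please enter Alphabets Only";
        $this->urlmessage    = "Please Provide a valid URL!";
        $this->spcharmessage = "Please enter a valid information";
        $this->numbermessage = "Please enter Numeric values";
        $this->optionmessage = "Please select any one Option";
        $this->uploadmessage = "Invalid File Format";
        // Was a copy of the upload message; it is shown for the "nonumericstart" rule.
        $this->numericstart  = "Should not start with a number";
        // Was never initialised (rendered as an empty string); used as a prefix before a length.
        $this->limitmessage  = "Cannot exceed ";

        if (is_string($form) && isset(self::$dispatch[$form])) {
            $method = self::$dispatch[$form];
            // NOTE(review): validateInsertmember and validateverify are not defined in this
            // class; presumably inherited from Lib_Validation_Handler — confirm, otherwise
            // those two keys produce a fatal "undefined method" call, as they did before.
            $this->$method();
        }
    }

    /**
     * PHP 4-style constructor, kept so callers that invoke it by name keep working.
     * (PHP 7 deprecated and PHP 8 removed its use as the constructor; __construct is used now.)
     */
    public function Lib_FormValidation($form)
    {
        $this->__construct($form);
    }

    // ------------------------------------------------------------------
    // Internal helpers
    // ------------------------------------------------------------------

    /**
     * Raw POST value for $key as a string, or '' when the field was not submitted
     * (avoids the "undefined index" notices the direct $_POST reads produced).
     */
    private function post($key)
    {
        return isset($_POST[$key]) ? (string)$_POST[$key] : '';
    }

    /**
     * Quote $value as a single-quoted SQL string literal.
     *
     * Every query in this class used to interpolate $_POST values verbatim, which let a
     * quote in the input rewrite the statement (the login query in particular). addslashes()
     * is a stop-gap: it escapes the quote, backslash and NUL characters that break out of the
     * literal, but it is not connection-charset aware. The durable fix is prepared
     * statements in Bin_Query; route every new query through this helper until then.
     */
    private function sqlValue($value)
    {
        return "'" . addslashes((string)$value) . "'";
    }

    /**
     * True when a row with $column = $value exists in $table, optionally ignoring the row
     * whose $idColumn equals $excludeId (edit forms must not collide with themselves).
     * Table and column names are code constants, never user input.
     *
     * @return bool
     */
    private function valueExists($table, $column, $value, $idColumn = null, $excludeId = null)
    {
        $sql = "SELECT * FROM `" . $table . "` WHERE `" . $column . "` = " . $this->sqlValue($value);
        if ($idColumn !== null) {
            $sql .= " AND `" . $idColumn . "` != " . $this->sqlValue($excludeId);
        }
        $query = new Bin_Query();
        return $query->executeQuery($sql) && $query->totrows >= 1;
    }

    /** True when the browser submitted a file for $field (same test as strlen(name) != 0). */
    private function hasUpload($field)
    {
        return isset($_FILES[$field]['name']) && $_FILES[$field]['name'] !== '';
    }

    /**
     * Server-side check that the upload in $field is a GIF, JPEG or PNG image.
     *
     * The original trusted $_FILES[...]['type'], which is supplied by the client and can
     * declare any MIME type; the image type is now taken from getimagesize() on the
     * temporary file instead.
     *
     * @return array|false  the getimagesize() result (width, height, type, ...) or false
     *                      when the file is missing, not a genuine upload, unreadable, or
     *                      not one of the accepted formats.
     */
    private function readAllowedImage($field)
    {
        if (!isset($_FILES[$field]['tmp_name']) || $_FILES[$field]['tmp_name'] === ''
            || !is_uploaded_file($_FILES[$field]['tmp_name'])) {
            return false;
        }
        $info = getimagesize($_FILES[$field]['tmp_name']);
        if ($info === false || !in_array($info[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true)) {
            return false;
        }
        return $info;
    }

    /**
     * Privilege list stored in the session for a successfully authenticated admin row.
     *
     * A flag column equal to 0 grants the corresponding group of pages (loose comparison
     * kept on purpose: the columns may hold "0" or NULL). Every admin other than id 1 also
     * gets "subadmin". In the original this ran even on a failed login and left
     * $sub_admin_settings undefined for admin 1 (array_merge() then yielded NULL); the
     * intent appears to be the computed list for everyone — verify against the callers
     * that read $_SESSION['sub_admin_privileges'].
     *
     * @param array $row  one record from admin_table
     * @return array
     */
    private function buildPrivileges(array $row)
    {
        $groups = array(
            'admin_settings1' => array(
                "generalsettings", "networksettings", "cyclecommission", "paymentsettings",
                "membersettings", "levelcommission", "xuplevelcommission", "sitesettings",
                "popup", "headersettings",
            ),
            'admin_settings2' => array("usermanager", "exportuser", "userupload", "manualupgrade"),
            'admin_settings3' => array("payouts", "bulkpayouts", "upgrade", "changepassword", "database"),
            // "productsettings" was listed twice in the original; kept once.
            'admin_settings4' => array(
                "categorysettings", "productsettings", "contactsettings", "eshopsettings",
                "exportsales", "exportproduct",
            ),
        );
        $privileges = array();
        foreach ($groups as $flag => $pages) {
            if (isset($row[$flag]) && $row[$flag] == 0) {
                $privileges = array_merge($privileges, $pages);
            }
        }
        if ($row['admin_id'] != 1) {
            $privileges[] = "subadmin";
        }
        return $privileges;
    }

    // ------------------------------------------------------------------
    // Generic field checks (public API, used by the validators below)
    // ------------------------------------------------------------------

    /**
     * Syntactic email check.
     *
     * Keeps the historical shape (letters, digits, "_" and "-" in the local part, dotted
     * alphanumeric domain labels, alphabetic TLD of two or more letters) and additionally
     * requires filter_var(FILTER_VALIDATE_EMAIL) to accept the address. The original used
     * eregi(), removed in PHP 7, followed by per-label length heuristics that rejected
     * ordinary addresses such as user@mail.example.com; those heuristics are dropped.
     *
     * @return bool
     */
    public function isValidEmail($email)
    {
        $email = (string)$email;
        $pattern = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,})$/iD';
        if (preg_match($pattern, $email) !== 1) {
            return FALSE;
        }
        return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
    }

    /**
     * True for http(s)://host[.label...][:port][/path].
     * The original pattern had an unescaped "." in the label group, so any character
     * could separate labels; it is now a literal dot. "D" stops "$" from accepting a
     * trailing newline.
     *
     * @return bool
     */
    public function isValidURL($url)
    {
        return preg_match('|^http(s)?://[a-z0-9-]+(\.[a-z0-9-]+)*(:[0-9]+)?(/.*)?$|iD', (string)$url) === 1;
    }

    /**
     * True when $val is at most $maxlen bytes long. $name is unused and kept for the
     * existing call sites. strlen() (bytes, not characters) is retained because the
     * limits appear to mirror column widths.
     */
    public function checkMaxLength($name, $val, $maxlen)
    {
        return strlen((string)$val) <= $maxlen;
    }

    /** True when $val is at least $minlen bytes long. $name is unused (see checkMaxLength). */
    public function checkMinLength($name, $val, $minlen)
    {
        return strlen((string)$val) >= $minlen;
    }

    /**
     * True when $str contains at least one character that is not a decimal digit.
     * Note the inverted sense: "12345success" -> true, "12345" -> false. An empty string
     * has no offending character and yields false (the old str_split() loop returned true
     * for "" on PHP < 8.2 only as a side effect of str_split('') returning ['']).
     *
     * @return bool
     */
    public function validateNumber($str)
    {
        return preg_match('/[^0-9]/', (string)$str) === 1;
    }

    /**
     * 1 when $value consists only of digits and dots (including ""), else 0.
     * Integer return values are kept for existing callers. "\z" rather than "$" so a
     * trailing newline is rejected, as the byte loop did.
     */
    public function priceCheck($value)
    {
        return preg_match('/^[0-9.]*\z/', (string)$value) === 1 ? 1 : 0;
    }

    /** 1 when $value consists only of decimal digits (including ""), else 0. */
    public function numericCheck($value)
    {
        return preg_match('/^[0-9]*\z/', (string)$value) === 1 ? 1 : 0;
    }

    // ------------------------------------------------------------------
    // Form validators
    // ------------------------------------------------------------------

    /**
     * Admin login: verifies the credentials against admin_table and, on success, stores
     * the admin identity and privilege list in the session.
     *
     * The stored hash is md5(md5(password)); that scheme is kept so existing rows keep
     * working, but it is fast and unsalted — migrating to password_hash()/password_verify()
     * needs a column change and a rehash-on-login step.
     */
    public function validatelogin()
    {
        $username = trim($this->post("admin_name"));
        $password = trim($this->post("admin_password"));
        $this->Assign("admin_name", $username, "noempty", "UserName =>".$this->nullmessage);
        $this->Assign("admin_password", $password, "noempty", "Password =>".$this->nullmessage);

        if (!empty($_POST["admin_name"]) && !empty($_POST["admin_password"])) {
            // Hash the untrimmed password: that is what the stored hashes were built from.
            $hash = md5(md5($this->post("admin_password")));
            $sql = "SELECT * FROM `admin_table` WHERE `admin_username` = " . $this->sqlValue($username)
                 . " AND `admin_password` = " . $this->sqlValue($hash)
                 . " AND `admin_status`='enable'";
            $getUser = new Bin_Query();
            // An empty result set is treated as a failure even if executeQuery() reports
            // success, so a missing row can never yield a session built from NULLs.
            if (!$getUser->executeQuery($sql) || empty($getUser->records)) {
                $this->Assign("errmsg", "", "noempty", "Invalid Username or Password");
            } else {
                $row = $getUser->records[0];
                // New session id on privilege change, so a pre-login id cannot be reused.
                if (session_id() !== '') {
                    session_regenerate_id(true);
                }
                $_SESSION['admin'] = array(
                    "user_name"  => $username,
                    "id"         => $row['admin_id'],
                    "name"       => $row['admin_name'],
                    "admin_mail" => $row['admin_email'],
                );
                $_SESSION['sub_admin_privileges'] = $this->buildPrivileges($row);
            }
        }
        $this->PerformValidation('index.php?do=adminlogin');
    }

    /** "Add category" form: name present, alphabetic, unique; status selected. */
    public function validateAddcategories()
    {
        $name = trim($this->post('txtname'));
        $this->Assign("txtname", $name, "noempty", "Category Name => ".$this->nullmessage);
        $this->Assign("txtname", $name, "nospecial' -'", "Category Name => ".$this->spcharmessage);
        $this->Assign("txtname", $name, "nonumber", "Category Name => ".$this->alphamessage);
        // The uniqueness lookup uses the untrimmed value, as before.
        if (!empty($_POST['txtname'])
            && $this->valueExists('categorey_table', 'categorey_name', $this->post('txtname'))) {
            $this->Assign("txtname", "", "noempty", "Category Name => Category Name already exists.");
        }
        $this->Assign("txtstatus", trim($this->post('txtstatus')), "noempty", "Status => ".$this->optionmessage);
        $this->PerformValidation('?do=categories&action=add');
    }

    /** Site settings form: names, URL, admin email, optional logo (>= 180x70) and meta text. */
    public function validateSitesettings()
    {
        $this->Assign("site_name", trim($this->post('site_name')), "noempty", "Site Name => ".$this->nullmessage);

        $siteUrl = trim($this->post('site_url'));
        $this->Assign("site_url", $siteUrl, "noempty", "Site Url => ".$this->nullmessage);
        if (!empty($_POST['site_url']) && !$this->isValidURL($siteUrl)) {
            $this->Assign("site_url", "", "noempty", "Site Url => ".$this->urlmessage);
        }

        if ($this->hasUpload('site_logo')) {
            $info = $this->readAllowedImage('site_logo');
            if ($info === false) {
                $this->Assign("site_logo", "", "noempty", "Site Logo - Don't Accept This File Format");
            } elseif ($info[0] < 180 || $info[1] < 70) {
                // Numeric comparison; the original compared against the strings '180'/'70'.
                $this->Assign("site_logo", "", "noempty", "Site Logo => Header Logo should be 180px * 70px");
            }
        }

        $adminMail = trim($this->post('admin_mail_id'));
        $this->Assign("admin_mail_id", $adminMail, "noempty", "Admin Mail Id => ".$this->nullmessage);
        if (!empty($_POST['admin_mail_id']) && !$this->isValidEmail($adminMail)) {
            $this->Assign("admin_mail_id", "", "noempty", "Admin Mail Id => ".$this->emailmessage);
        }

        $company = trim($this->post('company_name'));
        $this->Assign("company_name", $company, "noempty", "Company Name => ".$this->nullmessage);
        $this->Assign("company_name", $company, "nospecial' '", "Company Name => ".$this->spcharmessage);
        $this->Assign("company_address", trim($this->post('company_address')), "noempty' ,.'", "Company Address => ".$this->spcharmessage);
        $this->Assign("site_meta_title", trim($this->post('site_meta_title')), "noempty' ,.'", "Site Meta Title => ".$this->spcharmessage);
        // NOTE(review): reads the singular POST key 'site_meta_keyword' for the plural field — confirm the form's input name.
        $this->Assign("site_meta_keywords", trim($this->post('site_meta_keyword')), "noempty", "Site Meta Keywords => ".$this->nullmessage);
        $this->Assign("site_meta_description", trim($this->post('site_meta_description')), "noempty' ,.'", "Site Meta Description => ".$this->spcharmessage);
        $this->Assign("site_offline_note", trim($this->post('site_offline_note')), "nospecial' ,.'", "Site Offline Note => ".$this->spcharmessage);
        $this->Assign("site_footer_content", trim($this->post('site_footer_content')), "nospecial' ,.'", "Site Footer Content => ".$this->spcharmessage);
        $this->PerformValidation('?do=sitesettings');
    }

    /** "Edit category" form (not reachable through the constructor's dispatch table). */
    public function validateCategorySettings()
    {
        $name = trim($this->post('category_name'));
        $this->Assign("category_name", $name, "noempty", "Category Name => ".$this->nullmessage);
        $this->Assign("category_name", $name, "nospecial' -'", "Category Name => ".$this->spcharmessage);
        $this->Assign("category_name", $name, "nonumber", "Category Name => ".$this->alphamessage);
        if (!empty($_POST['category_name'])
            && $this->valueExists('category_table', 'category_name', $this->post('category_name'),
                                  'category_id', $this->post('category_id'))) {
            $this->Assign("category_name", "", "noempty", "Category Name => Category Name already exists.");
        }
        $this->Assign("status", trim($this->post('status')), "noempty", "Status => ".$this->optionmessage);
        // The id is URL-encoded so the redirect target cannot be altered by the posted value.
        $this->PerformValidation('?do=categorysettings&action=editcategory&catid=' . urlencode($this->post('category_id')));
    }

    /** "Add news" form: title present, alphabetic, unique; description and status present. */
    public function validateAddNews()
    {
        $title = trim($this->post('news_title'));
        $this->Assign("news_title", $title, "noempty", "News Title => ".$this->nullmessage);
        $this->Assign("news_title", $title, "nospecial' -'", "News Title => ".$this->spcharmessage);
        $this->Assign("news_title", $title, "nonumber", "News Title => ".$this->alphamessage);
        if (!empty($_POST['news_title'])
            && $this->valueExists('news_table', 'news_header', $this->post('news_title'))) {
            $this->Assign("news_title", "", "noempty", "News Title => News Title already exists.");
        }
        $this->Assign("news_description", trim($this->post('news_description')), "noempty", "News Description => ".$this->nullmessage);
        $this->Assign("news_status", trim($this->post('news_status')), "noempty", "News_status => ".$this->optionmessage);
        $this->PerformValidation('?do=newssettings&action=addnews');
    }

    /** "Edit news" form: same rules as validateAddNews, uniqueness excludes the edited row. */
    public function validateEditNews()
    {
        $this->Assign("edit_news_description", trim($this->post('edit_news_description')), "noempty", "News Description => ".$this->nullmessage);
        $header = trim($this->post('edit_news_header'));
        $this->Assign("edit_news_header", $header, "noempty", "News Title => ".$this->nullmessage);
        $this->Assign("edit_news_header", $header, "nospecial' -'", "News Title => ".$this->spcharmessage);
        $this->Assign("edit_news_header", $header, "nonumber", "News Title => ".$this->alphamessage);
        if (!empty($_POST['edit_news_header'])
            && $this->valueExists('news_table', 'news_header', $this->post('edit_news_header'),
                                  'news_id', $this->post('news_id'))) {
            $this->Assign("edit_news_header", "", "noempty", "News Title => News Title already exists.");
        }
        $this->PerformValidation('?do=newssettings&action=editnews&newsid=' . urlencode($this->post('news_id')));
    }

    /** "Add member" form: identity fields present, card number unique, optional image. */
    public function validateInsertUser()
    {
        $this->Assign("txtname", trim($this->post('txtname')), "noempty", "Member Name => ".$this->nullmessage);
        $this->Assign("txtfname", trim($this->post('txtfname')), "noempty", "Father OR Husband Name => ".$this->nullmessage);
        $this->Assign("txtusername", trim($this->post('txtusername')), "noempty", "Card No => ".$this->nullmessage);
        if (!empty($_POST['txtusername'])
            && $this->valueExists('members_table', 'members_icard', $this->post('txtusername'))) {
            $this->Assign("txtusername", "", "noempty", "Card No => Card No already exists.");
        }
        $this->Assign("txtrank", trim($this->post('txtrank')), "noempty", "Rank => ".$this->nullmessage);
        $this->Assign("txtblood", trim($this->post('txtblood')), "noempty", "Blood Group => ".$this->nullmessage);
        $this->Assign("txtdob", trim($this->post('txtdob')), "noempty", "Date of Birth => ".$this->nullmessage);
        $this->Assign("txtaddress", trim($this->post('txtaddress')), "noempty", "Address=> ".$this->nullmessage);
        $this->Assign("txtzipcode", trim($this->post('txtzipcode')), "nospecial' .'", "Zip Code => ".$this->spcharmessage);
        $this->Assign("txtphone", trim($this->post('txtphone')), "nospecial' '", "Phone => ".$this->spcharmessage);
        if ($this->hasUpload('image') && $this->readAllowedImage('image') === false) {
            $this->Assign("image", "", "noempty", "User Image => ".$this->uploadmessage);
        }
        $this->PerformValidation('?do=usermanager&action=adduser');
    }

    /** "Edit member" form: names present, zip/phone without special characters, optional image. */
    public function validateEditUser()
    {
        $this->Assign("txtname", trim($this->post('txtname')), "noempty", "Member Name => ".$this->nullmessage);
        $this->Assign("txtfname", trim($this->post('txtfname')), "noempty", "Father Name => ".$this->nullmessage);
        $this->Assign("txtzipcode", trim($this->post('txtzipcode')), "nospecial' .'", "Postal Code => ".$this->spcharmessage);
        $this->Assign("txtphone", trim($this->post('txtphone')), "nospecial' '", "Phone => ".$this->spcharmessage);
        if ($this->hasUpload('image') && $this->readAllowedImage('image') === false) {
            $this->Assign("image", "", "noempty", "User Image => ".$this->uploadmessage);
        }
        $this->PerformValidation('?do=usermanager&action=edituser&id=' . urlencode($this->post('user_id')));
    }

    /**
     * "Change password" form: all three fields present, the old password matches the
     * logged-in admin's stored hash, and the two new entries agree.
     */
    public function validateChangePassword()
    {
        $this->Assign("oldpass", trim($this->post('oldpass')), "noempty", "Old Password => ".$this->nullmessage);
        $this->Assign("newpass", trim($this->post('newpass')), "noempty", "New Password => ".$this->nullmessage);
        $this->Assign("confirmpass", trim($this->post('confirmpass')), "noempty", "Confirm Password => ".$this->nullmessage);

        if ($this->post('oldpass') !== "") {
            // Same md5(md5()) scheme as validatelogin; see the note there.
            $oldHash = md5(md5($this->post('oldpass')));
            $adminId = isset($_SESSION['admin']['id']) ? $_SESSION['admin']['id'] : '';
            $sql = "SELECT * FROM `admin_table` WHERE `admin_password` = " . $this->sqlValue($oldHash)
                 . " AND `admin_id` = " . $this->sqlValue($adminId);
            $qry = new Bin_Query();
            if (!$qry->executeQuery($sql) || empty($qry->records)) {
                $this->Assign("oldpass", "", "noempty", "Old Password => Enter the Correct Old Password ");
            }
        }

        $newPass = $this->post('newpass');
        $confirm = $this->post('confirmpass');
        if ($newPass !== "" && $confirm !== "" && $newPass !== $confirm) {
            $this->Assign("newpass", "", "noempty", "New Password and Confirm Password Should be Same");
            $this->Assign("confirmpass", "", "noempty", " ");
        }
        $this->PerformValidation('?do=changepassword');
    }

    /** "Add video" form: title, description, source and status present. */
    public function validateAddVideo()
    {
        $this->Assign("txttitle", trim($this->post('txttitle')), "noempty", "Title => ".$this->nullmessage);
        $this->Assign("video_desc", trim($this->post('video_desc')), "noempty", "Description => ".$this->nullmessage);
        $this->Assign("video_source", trim($this->post('video_source')), "noempty", "Video => ".$this->nullmessage);
        $this->Assign("video_status", trim($this->post('video_status')), "noempty", "Status => ".$this->optionmessage);
        $this->PerformValidation('?do=video&action=addvideo');
    }

    /** "Edit video" form: same rules as validateAddVideo, redirect keeps the video id. */
    public function validateEditVideo()
    {
        $this->Assign("txttitle", trim($this->post('txttitle')), "noempty", "Title => ".$this->nullmessage);
        $this->Assign("video_desc", trim($this->post('video_desc')), "noempty", "Description => ".$this->nullmessage);
        $this->Assign("video_source", trim($this->post('video_source')), "noempty", "Video => ".$this->nullmessage);
        $this->Assign("video_status", trim($this->post('video_status')), "noempty", "Status => ".$this->optionmessage);
        $this->PerformValidation('?do=video&action=editvideo&video_id=' . urlencode($this->post('video_id')));
    }

    /**
     * "Add sub-admin" form: name and username 4-15 characters, alphabetic, not starting
     * with a digit, username and email unique, password 6-32 characters.
     */
    public function validateAddSubAdmin()
    {
        $name  = $this->post('sadmin_name');
        $uname = $this->post('sadmin_uname');
        $email = $this->post('sadmin_email');
        $pass  = $this->post('sadmin_password');

        $this->Assign("admin_name", trim($name), "noempty", "Administrator Name =>".$this->nullmessage);
        $this->Assign("admin_name", trim($name), "nospecial' .'", "Administrator Name => ".$this->spcharmessage);
        $this->Assign("admin_name", $name, "nonumber", "Administrator Name =>".$this->alphamessage);
        $this->Assign("admin_name", $name, "nonumericstart", "Administrator Name =>".$this->numericstart);
        if (strlen($name) < 4 && strlen($name) > 0) {
            $this->Assign("admin_name", "", "noempty", "Administrator Name => Administrator Name should contain atleast 4 characters");
        }
        // The original measured the username here but reported it against the name field;
        // the name length is what this check was meant to bound (the username has its own below).
        if (strlen($name) > 15) {
            $this->Assign("admin_name", "", "noempty", "Administrator Name => Administrator Name cannot exceed 15 characters");
        }

        $this->Assign("admin_username", $uname, "noempty", "Administrator Username =>".$this->nullmessage);
        $this->Assign("admin_username", trim($uname), "nospecial' .'", "Administrator Username => ".$this->spcharmessage);
        $this->Assign("admin_username", $uname, "nonumericstart", "Administrator Username =>".$this->numericstart);
        if (!empty($_POST['sadmin_uname'])
            && $this->valueExists('admin_table', 'admin_username', $uname)) {
            $this->Assign("admin_username", "", "noempty", "Administrator Username => Username already exists.");
        }
        if (strlen($uname) < 4 && strlen($uname) > 0) {
            $this->Assign("admin_username", "", "noempty", "Administrator Username => Administrator Username should contain atleast 4 characters");
        }
        if (strlen($uname) > 15) {
            $this->Assign("admin_username", "", "noempty", "Administrator Username => Administrator Username cannot exceed 15 characters");
        }

        $this->Assign("admin_email", $email, "noempty", "Admin Email Id => ".$this->nullmessage);
        if (!empty($_POST['sadmin_email']) && !$this->isValidEmail(trim($email))) {
            $this->Assign("admin_email", "", "noempty", $this->emailmessage);
        }
        if (!empty($_POST['sadmin_email'])
            && $this->valueExists('admin_table', 'admin_email', $email)) {
            $this->Assign("admin_email", "", "noempty", "Admin Email Id => Email already exists.");
        }

        $this->Assign("admin_password", $pass, "noempty", "Administrator Password => Password field cannot be left blank");
        if (!empty($_POST['sadmin_password']) && !$this->checkMaxLength("password", $pass, 32)) {
            $this->Assign("admin_password", "", "noempty", "Administrator Password =>".$this->limitmessage."32");
        }
        if (!empty($_POST['sadmin_password']) && !$this->checkMinLength("admin_password", $pass, 6)) {
            $this->Assign("admin_password", "", "noempty", "Administrator Password => Password Should be 6 - 32 characters");
        }
        $this->PerformValidation("?do=subadmin&action=addsubadmin");
    }

    /**
     * "Edit sub-admin" form: name rules as in validateAddSubAdmin, email present, valid
     * and unique among the other admins. The debugging print_r($_POST) that echoed every
     * submitted field into the response has been removed, as has the commented-out
     * username block.
     */
    public function validateEditSubAdmin()
    {
        $name  = $this->post('sadmin_name');
        $email = $this->post('sadmin_email');

        $this->Assign("admin_name", $name, "noempty", "Administrator Name =>".$this->nullmessage);
        $this->Assign("admin_name", trim($name), "nospecial' .'", "Administrator Name => ".$this->spcharmessage);
        $this->Assign("admin_name", $name, "nonumber", "Administrator Name =>".$this->alphamessage);
        // Uses the numeric-start message, consistent with validateAddSubAdmin.
        $this->Assign("admin_name", $name, "nonumericstart", "Administrator Name =>".$this->numericstart);

        $this->Assign("admin_email", $email, "noempty", "Admin Email Id => ".$this->nullmessage);
        if (!empty($_POST['sadmin_email']) && !$this->isValidEmail(trim($email))) {
            $this->Assign("admin_email", "", "noempty", $this->emailmessage);
        }
        if (!empty($_POST['sadmin_email'])
            && $this->valueExists('admin_table', 'admin_email', $email, 'admin_id', $this->post('sadmin_id'))) {
            $this->Assign("admin_email", "", "noempty", "Admin Email Id => Email already exists.");
        }
        $this->PerformValidation("?do=subadmin&action=editsubadmin&sadmin_id=" . urlencode($this->post('sadmin_id')));
    }
}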
?>