defender::form_sanitizer PHP Method

form_sanitizer() public method

need to register the file.
public form_sanitizer ( $value, $default = "", $input_name = FALSE, $is_multiLang = FALSE )
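    /**
     * Validate one submitted form value against the field definition registered for this page.
     *
     * The arguments select one of three modes:
     *  - $input_name with $is_multiLang: every enabled language is validated as
     *    "$input_name[<lang>]" and the per-language results are returned as a serialize()d array.
     *  - $input_name alone: the value goes through validate() and is then checked against the
     *    field's 'required', 'regex' and 'callback_check' settings.
     *  - no $input_name: generic clean-up with stripinput() (plus censorwords() for text that does
     *    not look numeric); arrays are cleaned element by element and joined with the delimiter.
     *
     * Security notes for callers:
     *  - Only fields present in $_SESSION['form_fields'][<page hash>] are processed; an input name
     *    that was never registered yields $default, whatever was submitted.
     *  - When a single-field check fails, stop() and setInputError() are called and the value is
     *    returned AS SUBMITTED so the form can be redisplayed. That return value is not sanitised:
     *    escape it on output and do not store it while the failure state is set.
     *  - 'regex' and 'callback_check' are read from the session-held field config.
     *    NOTE(review): presumably only server-side form code writes that config; confirm, since
     *    'callback_check' is invoked as a callable.
     *  - NOTE(review): the multi-language result is produced with serialize(); code that reads it
     *    back with unserialize() should only do so from trusted storage.
     *
     * @param mixed       $value        Submitted value (an array keyed by language when $is_multiLang).
     * @param mixed       $default      Returned when there is nothing to validate or the field is unknown.
     * @param string|bool $input_name   Registered input name, or FALSE for the generic clean-up mode.
     * @param bool        $is_multiLang Whether $value holds one entry per enabled language.
     *
     * @return mixed Sanitised value, serialized per-language array, raw input on failure, or $default.
     */
    public function form_sanitizer($value, $default = "", $input_name = FALSE, $is_multiLang = FALSE)
    {
        // ---- Mode 3: no registered field, generic clean-up only ----
        if (!$input_name) {
            if (!$value) {
                return $default;
            }
            // Numeric-looking input skips the word filter; everything still passes through stripinput().
            $clean = function ($raw) {
                if (intval($raw)) {
                    return stripinput($raw);
                }

                return stripinput(trim(preg_replace("/ +/i", " ", censorwords($raw))));
            };
            if (!is_array($value)) {
                return $clean($value);
            }
            $secured = array();
            foreach ($value as $unsecured) {
                $secured[] = $clean($unsecured);
            }
            // NOTE(review): no field was looked up in this mode, so the delimiter comes from whatever
            // field_config a previous call left on the object. An unset delimiter joins with ''.
            $delimiter = isset($this->field_config['delimiter']) ? $this->field_config['delimiter'] : '';

            return implode($delimiter, $secured);
        }

        // ---- Mode 1: one registered field per enabled language ----
        if ($is_multiLang) {
            $val = array();
            $matched = FALSE;
            foreach (fusion_get_enabled_languages() as $lang => $language) {
                $iname = $input_name . "[" . $lang . "]";
                if (isset($_SESSION['form_fields'][self::pageHash()][$iname])) {
                    $this->field_config = $_SESSION['form_fields'][self::pageHash()][$iname];
                    $this->field_name = $iname;
                    // A language missing from the submission is validated as NULL instead of
                    // raising an undefined-index / string-offset error.
                    $this->field_value = (is_array($value) && isset($value[$lang])) ? $value[$lang] : NULL;
                    $this->field_default = $default;
                    $val[$lang] = $this->validate();
                    $matched = TRUE;
                }
            }
            // Only trust 'required' when a field was matched in THIS call; otherwise field_config
            // is left over from an earlier, unrelated field.
            $required = $matched && !empty($this->field_config['required']);
            $hasDefaultLanguage = is_array($value) && !empty($value[LANGUAGE]);
            if ($required && !$hasDefaultLanguage) {
                $this->stop();
                $this->setInputError($input_name . "[" . LANGUAGE . "]");

                return $default;
            }
            // Fill gaps with the default-language value. The previous code overwrote every slot
            // unconditionally, discarding the translations validated above.
            if (isset($val[LANGUAGE])) {
                foreach ($val as $lang => $translated) {
                    if ($translated === FALSE || $translated === NULL || $translated === '') {
                        $val[$lang] = $val[LANGUAGE];
                    }
                }
            }

            return serialize($val);
        }

        // ---- Mode 2: a single registered field ----
        // The input must have been defined in code; unknown names never reach validate().
        if (!isset($_SESSION['form_fields'][self::pageHash()][$input_name])) {
            return $default;
        }
        $this->field_config = $_SESSION['form_fields'][self::pageHash()][$input_name];
        $this->field_name = $input_name;
        $this->field_value = $value;
        $this->field_default = $default;
        // NOTE: don't pass 'stripinput' as callback. By the time a callback runs the value has
        // already been checked and sanitised; the callback should only return TRUE|FALSE and
        // must not alter the value itself.
        $callback = isset($this->field_config['callback_check']) ? $this->field_config['callback_check'] : FALSE;
        $regex = isset($this->field_config['regex']) ? $this->field_config['regex'] : FALSE;
        $secured = $this->validate();

        // Evaluate the pattern once. It is wrapped in (?:...) so the ^ and $ anchors cover every
        // alternative ('a|b' used to compile to '^a|b$'), and the D modifier stops '$' from
        // matching before a trailing newline. A pattern that fails to compile (for example one
        // containing an unescaped '@') or a non-scalar value fails closed.
        $regexFailed = FALSE;
        if ($regex && $secured !== FALSE && $secured != '') {
            $regexFailed = !is_scalar($secured)
                || preg_match('@^(?:' . $regex . ')$@iD', (string)$secured) !== 1;
        }
        $requiredFailed = isset($this->field_config['required'])
            && $this->field_config['required'] == 1
            && ($secured === FALSE || $secured == '');

        // The callback stays last and short-circuited: it only runs when every other check passed.
        $failed = $secured === FALSE
            || $requiredFailed
            || $regexFailed
            || (is_callable($callback) && !$callback($secured));

        if ($failed) {
            // Flag that something went wrong
            $this->stop();
            $this->setInputError($input_name);
            if ($regexFailed) {
                global $locale;
                addNotice("danger", sprintf($locale['regex_error'], $this->field_config['title']));
                unset($locale);
            }
            if ($this->debug) {
                addNotice('warning', '<strong>' . $input_name . ':</strong>' . ($this->field_config['safemode'] ? ' is in SAFEMODE and the' : '') . ' check failed');
            }

            // Return the user's input for correction. This is the raw submitted value, not $secured.
            return $this->field_value;
        }

        if ($this->debug) {
            addNotice('info', $input_name . ' = ' . (is_array($secured) ? 'array' : $secured));
        }

        return $secured;
    }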