Validator.php 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507
  1. <?php
  2. /**
  3. * @link https://www.yiiframework.com/
  4. * @copyright Copyright (c) 2008 Yii Software LLC
  5. * @license https://www.yiiframework.com/license/
  6. */
  7. namespace yii\validators;
  8. use Yii;
  9. use yii\base\Component;
  10. use yii\base\NotSupportedException;
  11. /**
  12. * Validator is the base class for all validators.
  13. *
  14. * Child classes should override the [[validateValue()]] and/or [[validateAttribute()]] methods to provide the actual
  15. * logic of performing data validation. Child classes may also override [[clientValidateAttribute()]]
  16. * to provide client-side validation support.
  17. *
  18. * Validator declares a set of [[builtInValidators|built-in validators]] which can
  19. * be referenced using short names. They are listed as follows:
  20. *
  21. * - `boolean`: [[BooleanValidator]]
  22. * - `captcha`: [[\yii\captcha\CaptchaValidator]]
  23. * - `compare`: [[CompareValidator]]
  24. * - `date`: [[DateValidator]]
  25. * - `datetime`: [[DateValidator]]
  26. * - `time`: [[DateValidator]]
  27. * - `default`: [[DefaultValueValidator]]
  28. * - `double`: [[NumberValidator]]
  29. * - `each`: [[EachValidator]]
  30. * - `email`: [[EmailValidator]]
  31. * - `exist`: [[ExistValidator]]
  32. * - `file`: [[FileValidator]]
  33. * - `filter`: [[FilterValidator]]
  34. * - `image`: [[ImageValidator]]
  35. * - `in`: [[RangeValidator]]
  36. * - `integer`: [[NumberValidator]]
  37. * - `match`: [[RegularExpressionValidator]]
  38. * - `required`: [[RequiredValidator]]
  39. * - `safe`: [[SafeValidator]]
  40. * - `string`: [[StringValidator]]
  41. * - `trim`: [[TrimValidator]]
  42. * - `unique`: [[UniqueValidator]]
  43. * - `url`: [[UrlValidator]]
  44. * - `ip`: [[IpValidator]]
  45. *
  46. * For more details and usage information on Validator, see the [guide article on validators](guide:input-validation).
  47. *
  48. * @property-read array $attributeNames Attribute names.
  49. * @property-read array|null $validationAttributes List of attribute names.
  50. *
  51. * @author Qiang Xue <qiang.xue@gmail.com>
  52. * @since 2.0
  53. */
  54. class Validator extends Component
  55. {
  56. /**
  57. * @var array list of built-in validators (name => class or configuration)
  58. */
  59. public static $builtInValidators = [
  60. 'boolean' => 'yii\validators\BooleanValidator',
  61. 'captcha' => 'yii\captcha\CaptchaValidator',
  62. 'compare' => 'yii\validators\CompareValidator',
  63. 'date' => 'yii\validators\DateValidator',
  64. 'datetime' => [
  65. 'class' => 'yii\validators\DateValidator',
  66. 'type' => DateValidator::TYPE_DATETIME,
  67. ],
  68. 'time' => [
  69. 'class' => 'yii\validators\DateValidator',
  70. 'type' => DateValidator::TYPE_TIME,
  71. ],
  72. 'default' => 'yii\validators\DefaultValueValidator',
  73. 'double' => 'yii\validators\NumberValidator',
  74. 'each' => 'yii\validators\EachValidator',
  75. 'email' => 'yii\validators\EmailValidator',
  76. 'exist' => 'yii\validators\ExistValidator',
  77. 'file' => 'yii\validators\FileValidator',
  78. 'filter' => 'yii\validators\FilterValidator',
  79. 'image' => 'yii\validators\ImageValidator',
  80. 'in' => 'yii\validators\RangeValidator',
  81. 'integer' => [
  82. 'class' => 'yii\validators\NumberValidator',
  83. 'integerOnly' => true,
  84. ],
  85. 'match' => 'yii\validators\RegularExpressionValidator',
  86. 'number' => 'yii\validators\NumberValidator',
  87. 'required' => 'yii\validators\RequiredValidator',
  88. 'safe' => 'yii\validators\SafeValidator',
  89. 'string' => 'yii\validators\StringValidator',
  90. 'trim' => [
  91. 'class' => 'yii\validators\TrimValidator',
  92. 'skipOnArray' => true,
  93. ],
  94. 'unique' => 'yii\validators\UniqueValidator',
  95. 'url' => 'yii\validators\UrlValidator',
  96. 'ip' => 'yii\validators\IpValidator',
  97. ];
  98. /**
  99. * @var array|string attributes to be validated by this validator. For multiple attributes,
  100. * please specify them as an array; for single attribute, you may use either a string or an array.
  101. */
  102. public $attributes = [];
  103. /**
  104. * @var string|null the user-defined error message. It may contain the following placeholders which
  105. * will be replaced accordingly by the validator:
  106. *
  107. * - `{attribute}`: the label of the attribute being validated
  108. * - `{value}`: the value of the attribute being validated
  109. *
  110. * Note that some validators may introduce other properties for error messages used when specific
  111. * validation conditions are not met. Please refer to individual class API documentation for details
  112. * about these properties. By convention, this property represents the primary error message
  113. * used when the most important validation condition is not met.
  114. */
  115. public $message;
  116. /**
  117. * @var array|string scenarios that the validator can be applied to. For multiple scenarios,
  118. * please specify them as an array; for single scenario, you may use either a string or an array.
  119. */
  120. public $on = [];
  121. /**
  122. * @var array|string scenarios that the validator should not be applied to. For multiple scenarios,
  123. * please specify them as an array; for single scenario, you may use either a string or an array.
  124. */
  125. public $except = [];
  126. /**
  127. * @var bool whether this validation rule should be skipped if the attribute being validated
  128. * already has some validation error according to some previous rules. Defaults to true.
  129. */
  130. public $skipOnError = true;
  131. /**
  132. * @var bool whether this validation rule should be skipped if the attribute value
  133. * is null or an empty string. This property is used only when validating [[yii\base\Model]].
  134. */
  135. public $skipOnEmpty = true;
  136. /**
  137. * @var bool whether to enable client-side validation for this validator.
  138. * The actual client-side validation is done via the JavaScript code returned
  139. * by [[clientValidateAttribute()]]. If that method returns null, even if this property
  140. * is true, no client-side validation will be done by this validator.
  141. */
  142. public $enableClientValidation = true;
  143. /**
  144. * @var callable|null a PHP callable that replaces the default implementation of [[isEmpty()]].
  145. * If not set, [[isEmpty()]] will be used to check if a value is empty. The signature
  146. * of the callable should be `function ($value)` which returns a boolean indicating
  147. * whether the value is empty.
  148. */
  149. public $isEmpty;
  150. /**
  151. * @var callable|null a PHP callable whose return value determines whether this validator should be applied.
  152. * The signature of the callable should be `function ($model, $attribute)`, where `$model` and `$attribute`
  153. * refer to the model and the attribute currently being validated. The callable should return a boolean value.
  154. *
  155. * This property is mainly provided to support conditional validation on the server-side.
  156. * If this property is not set, this validator will be always applied on the server-side.
  157. *
  158. * The following example will enable the validator only when the country currently selected is USA:
  159. *
  160. * ```php
  161. * function ($model) {
  162. * return $model->country == Country::USA;
  163. * }
  164. * ```
  165. *
  166. * @see whenClient
  167. */
  168. public $when;
  169. /**
  170. * @var string|null a JavaScript function name whose return value determines whether this validator should be applied
  171. * on the client-side. The signature of the function should be `function (attribute, value)`, where
  172. * `attribute` is an object describing the attribute being validated (see [[clientValidateAttribute()]])
  173. * and `value` the current value of the attribute.
  174. *
  175. * This property is mainly provided to support conditional validation on the client-side.
  176. * If this property is not set, this validator will be always applied on the client-side.
  177. *
  178. * The following example will enable the validator only when the country currently selected is USA:
  179. *
  180. * ```javascript
  181. * function (attribute, value) {
  182. * return $('#country').val() === 'USA';
  183. * }
  184. * ```
  185. *
  186. * @see when
  187. */
  188. public $whenClient;
  189. /**
  190. * Creates a validator object.
  191. * @param string|\Closure $type the validator type. This can be either:
  192. * * a built-in validator name listed in [[builtInValidators]];
  193. * * a method name of the model class;
  194. * * an anonymous function;
  195. * * a validator class name.
  196. * @param \yii\base\Model $model the data model to be validated.
  197. * @param array|string $attributes list of attributes to be validated. This can be either an array of
  198. * the attribute names or a string of comma-separated attribute names.
  199. * @param array $params initial values to be applied to the validator properties.
  200. * @return Validator the validator
  201. */
  202. public static function createValidator($type, $model, $attributes, $params = [])
  203. {
  204. $params['attributes'] = $attributes;
  205. if ($type instanceof \Closure) {
  206. $params['class'] = __NAMESPACE__ . '\InlineValidator';
  207. $params['method'] = $type;
  208. } elseif (!isset(static::$builtInValidators[$type]) && $model->hasMethod($type)) {
  209. // method-based validator
  210. $params['class'] = __NAMESPACE__ . '\InlineValidator';
  211. $params['method'] = [$model, $type];
  212. } else {
  213. unset($params['current']);
  214. if (isset(static::$builtInValidators[$type])) {
  215. $type = static::$builtInValidators[$type];
  216. }
  217. if (is_array($type)) {
  218. $params = array_merge($type, $params);
  219. } else {
  220. $params['class'] = $type;
  221. }
  222. }
  223. return Yii::createObject($params);
  224. }
  225. /**
  226. * {@inheritdoc}
  227. */
  228. public function init()
  229. {
  230. parent::init();
  231. $this->attributes = (array) $this->attributes;
  232. $this->on = (array) $this->on;
  233. $this->except = (array) $this->except;
  234. }
  235. /**
  236. * Validates the specified object.
  237. * @param \yii\base\Model $model the data model being validated
  238. * @param array|string|null $attributes the list of attributes to be validated.
  239. * Note that if an attribute is not associated with the validator - it will be
  240. * ignored. If this parameter is null, every attribute listed in [[attributes]] will be validated.
  241. */
  242. public function validateAttributes($model, $attributes = null)
  243. {
  244. $attributes = $this->getValidationAttributes($attributes);
  245. foreach ($attributes as $attribute) {
  246. $skip = $this->skipOnError && $model->hasErrors($attribute)
  247. || $this->skipOnEmpty && $this->isEmpty($model->$attribute);
  248. if (!$skip) {
  249. if ($this->when === null || call_user_func($this->when, $model, $attribute)) {
  250. $this->validateAttribute($model, $attribute);
  251. }
  252. }
  253. }
  254. }
  255. /**
  256. * Returns a list of attributes this validator applies to.
  257. * @param array|string|null $attributes the list of attributes to be validated.
  258. *
  259. * - If this is `null`, the result will be equal to [[getAttributeNames()]].
  260. * - If this is a string or an array, the intersection of [[getAttributeNames()]]
  261. * and the specified attributes will be returned.
  262. *
  263. * @return array|null list of attribute names.
  264. * @since 2.0.16
  265. */
  266. public function getValidationAttributes($attributes = null)
  267. {
  268. if ($attributes === null) {
  269. return $this->getAttributeNames();
  270. }
  271. if (is_scalar($attributes)) {
  272. $attributes = [$attributes];
  273. }
  274. $newAttributes = [];
  275. $attributeNames = $this->getAttributeNames();
  276. foreach ($attributes as $attribute) {
  277. // do not strict compare, otherwise int attributes would fail due to to string conversion in getAttributeNames() using ltrim().
  278. if (in_array($attribute, $attributeNames, false)) {
  279. $newAttributes[] = $attribute;
  280. }
  281. }
  282. return $newAttributes;
  283. }
  284. /**
  285. * Validates a single attribute.
  286. * Child classes must implement this method to provide the actual validation logic.
  287. * @param \yii\base\Model $model the data model to be validated
  288. * @param string $attribute the name of the attribute to be validated.
  289. */
  290. public function validateAttribute($model, $attribute)
  291. {
  292. $result = $this->validateValue($model->$attribute);
  293. if (!empty($result)) {
  294. $this->addError($model, $attribute, $result[0], $result[1]);
  295. }
  296. }
  297. /**
  298. * Validates a given value.
  299. * You may use this method to validate a value out of the context of a data model.
  300. * @param mixed $value the data value to be validated.
  301. * @param string|null $error the error message to be returned, if the validation fails.
  302. * @return bool whether the data is valid.
  303. */
  304. public function validate($value, &$error = null)
  305. {
  306. $result = $this->validateValue($value);
  307. if (empty($result)) {
  308. return true;
  309. }
  310. list($message, $params) = $result;
  311. $params['attribute'] = Yii::t('yii', 'the input value');
  312. if (is_array($value)) {
  313. $params['value'] = 'array()';
  314. } elseif (is_object($value)) {
  315. $params['value'] = 'object';
  316. } else {
  317. $params['value'] = $value;
  318. }
  319. $error = $this->formatMessage($message, $params);
  320. return false;
  321. }
  322. /**
  323. * Validates a value.
  324. * A validator class can implement this method to support data validation out of the context of a data model.
  325. * @param mixed $value the data value to be validated.
  326. * @return array|null the error message and the array of parameters to be inserted into the error message.
  327. * ```php
  328. * if (!$valid) {
  329. * return [$this->message, [
  330. * 'param1' => $this->param1,
  331. * 'formattedLimit' => Yii::$app->formatter->asShortSize($this->getSizeLimit()),
  332. * 'mimeTypes' => implode(', ', $this->mimeTypes),
  333. * 'param4' => 'etc...',
  334. * ]];
  335. * }
  336. *
  337. * return null;
  338. * ```
  339. * for this example `message` template can contain `{param1}`, `{formattedLimit}`, `{mimeTypes}`, `{param4}`
  340. *
  341. * Null should be returned if the data is valid.
  342. * @throws NotSupportedException if the validator does not supporting data validation without a model
  343. */
  344. protected function validateValue($value)
  345. {
  346. throw new NotSupportedException(get_class($this) . ' does not support validateValue().');
  347. }
  348. /**
  349. * Returns the JavaScript needed for performing client-side validation.
  350. *
  351. * Calls [[getClientOptions()]] to generate options array for client-side validation.
  352. *
  353. * You may override this method to return the JavaScript validation code if
  354. * the validator can support client-side validation.
  355. *
  356. * The following JavaScript variables are predefined and can be used in the validation code:
  357. *
  358. * - `attribute`: an object describing the the attribute being validated.
  359. * - `value`: the value being validated.
  360. * - `messages`: an array used to hold the validation error messages for the attribute.
  361. * - `deferred`: an array used to hold deferred objects for asynchronous validation
  362. * - `$form`: a jQuery object containing the form element
  363. *
  364. * The `attribute` object contains the following properties:
  365. * - `id`: a unique ID identifying the attribute (e.g. "loginform-username") in the form
  366. * - `name`: attribute name or expression (e.g. "[0]content" for tabular input)
  367. * - `container`: the jQuery selector of the container of the input field
  368. * - `input`: the jQuery selector of the input field under the context of the form
  369. * - `error`: the jQuery selector of the error tag under the context of the container
  370. * - `status`: status of the input field, 0: empty, not entered before, 1: validated, 2: pending validation, 3: validating
  371. *
  372. * @param \yii\base\Model $model the data model being validated
  373. * @param string $attribute the name of the attribute to be validated.
  374. * @param \yii\web\View $view the view object that is going to be used to render views or view files
  375. * containing a model form with this validator applied.
  376. * @return string|null the client-side validation script. Null if the validator does not support
  377. * client-side validation.
  378. * @see getClientOptions()
  379. * @see \yii\widgets\ActiveForm::enableClientValidation
  380. */
  381. public function clientValidateAttribute($model, $attribute, $view)
  382. {
  383. return null;
  384. }
  385. /**
  386. * Returns the client-side validation options.
  387. * This method is usually called from [[clientValidateAttribute()]]. You may override this method to modify options
  388. * that will be passed to the client-side validation.
  389. * @param \yii\base\Model $model the model being validated
  390. * @param string $attribute the attribute name being validated
  391. * @return array the client-side validation options
  392. * @since 2.0.11
  393. */
  394. public function getClientOptions($model, $attribute)
  395. {
  396. return [];
  397. }
  398. /**
  399. * Returns a value indicating whether the validator is active for the given scenario and attribute.
  400. *
  401. * A validator is active if
  402. *
  403. * - the validator's `on` property is empty, or
  404. * - the validator's `on` property contains the specified scenario
  405. *
  406. * @param string $scenario scenario name
  407. * @return bool whether the validator applies to the specified scenario.
  408. */
  409. public function isActive($scenario)
  410. {
  411. return !in_array($scenario, $this->except, true) && (empty($this->on) || in_array($scenario, $this->on, true));
  412. }
  413. /**
  414. * Adds an error about the specified attribute to the model object.
  415. * This is a helper method that performs message selection and internationalization.
  416. * @param \yii\base\Model $model the data model being validated
  417. * @param string $attribute the attribute being validated
  418. * @param string $message the error message
  419. * @param array $params values for the placeholders in the error message
  420. */
  421. public function addError($model, $attribute, $message, $params = [])
  422. {
  423. $params['attribute'] = $model->getAttributeLabel($attribute);
  424. if (!isset($params['value'])) {
  425. $value = $model->$attribute;
  426. if (is_array($value)) {
  427. $params['value'] = 'array()';
  428. } elseif (is_object($value) && !method_exists($value, '__toString')) {
  429. $params['value'] = '(object)';
  430. } else {
  431. $params['value'] = $value;
  432. }
  433. }
  434. $model->addError($attribute, $this->formatMessage($message, $params));
  435. }
  436. /**
  437. * Checks if the given value is empty.
  438. * A value is considered empty if it is null, an empty array, or an empty string.
  439. * Note that this method is different from PHP empty(). It will return false when the value is 0.
  440. * @param mixed $value the value to be checked
  441. * @return bool whether the value is empty
  442. */
  443. public function isEmpty($value)
  444. {
  445. if ($this->isEmpty !== null) {
  446. return call_user_func($this->isEmpty, $value);
  447. }
  448. return $value === null || $value === [] || $value === '';
  449. }
  450. /**
  451. * Formats a mesage using the I18N, or simple strtr if `\Yii::$app` is not available.
  452. * @param string $message
  453. * @param array $params
  454. * @since 2.0.12
  455. * @return string
  456. */
  457. protected function formatMessage($message, $params)
  458. {
  459. if (Yii::$app !== null) {
  460. return \Yii::$app->getI18n()->format($message, $params, Yii::$app->language);
  461. }
  462. $placeholders = [];
  463. foreach ((array) $params as $name => $value) {
  464. $placeholders['{' . $name . '}'] = $value;
  465. }
  466. return ($placeholders === []) ? $message : strtr($message, $placeholders);
  467. }
  468. /**
  469. * Returns cleaned attribute names without the `!` character at the beginning.
  470. * @return array attribute names.
  471. * @since 2.0.12
  472. */
  473. public function getAttributeNames()
  474. {
  475. return array_map(function ($attribute) {
  476. return ltrim($attribute, '!');
  477. }, $this->attributes);
  478. }
  479. }