MCMS
[ class tree: MCMS ] [ index: MCMS ] [ all elements ]

Source for file Validator.php

Documentation is available at Validator.php

  1. <?php
  2. /* vim: set expandtab tabstop=4 shiftwidth=4: */
  3. // +----------------------------------------------------------------------+
  4. // | MCMS: a PHP Content Management System for creating accessible sites. |
  5. // | Copyright (C) 2005  Silvio Moioli                                    |
  6. // |                                                                      |
  7. // | This program is free software; you can redistribute it and/or modify |
  8. // | it under the terms of the GNU General Public License as published by |
  9. // | the Free Software Foundation; either version 2 of the License, or    |
  10. // | (at your option) any later version.                                  |
  11. // |                                                                      |
  12. // | This program is distributed in the hope that it will be useful,      |
  13. // | but WITHOUT ANY WARRANTY; without even the implied warranty of       |
  14. // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        |
  15. // | GNU General Public License for more details.                         |
  16. // |                                                                      |
  17. // | You should have received a copy of the GNU General Public License    |
  18. // | along with this program; if not, write to the Free Software          |
  19. // | Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 |
  20. // +----------------------------------------------------------------------+
  21. // | Authors: Silvio Moioli <silvio at moioli dot net> www.moioli.net     |
  22. // +----------------------------------------------------------------------+
  23. //
  24. //$Id:
  25.  
  26. /** Carica la classe base di MCMS per l'interfacciamento al Database */
  27. require_once $_SERVER["DOCUMENT_ROOT"]."/admin/lib/model/Engine.php";
  28. /** Carica il gestore dei permessi degli utenti in MCMS */
  29. require_once $_SERVER["DOCUMENT_ROOT"]."/admin/lib/controller/AuthManager.php";
  30. /** Carica le pagine della vista Admin */
  31. require_once $_SERVER["DOCUMENT_ROOT"]."/admin/lib/view/alladmin.inc";
  32.  
  33. /**
  34.  * Verifica la correttezza di un evento.
  35.  *
  36.  * @package MCMS
  37.  * @author Silvio Moioli
  38.  * @version 2
  39.  */
  40. class Validator extends PEAR
  41. {
  42.     /** @var Engine l'oggetto per la comunicazione al Database */
  43.     var $engine = null;
  44.     /** @var AuthManager l'oggetto per la gestione dell'autenticazione degli utenti. */
  45.     var $authManager = null;
  46.     
  47.     /**
  48.      * Costruttore standard.
  49.      *
  50.      * @param Engine $engine l'oggetto per la comunicazione al DB in uso
  51.      */
  52.     function Validator($engine$authManager)
  53.     {
  54.         $this->engine=$engine;
  55.         $this->authManager = $authManager;
  56.         $this->compiler new Compiler();
  57.     }
  58.     
  59.     /**
  60.      * Controlla la validità del comando passato.
  61.      *
  62.      * @param Event $event l'evento da controllare
  63.      * @param mixed $result un oggetto Author se l'utente non
  64.      *  è autenticato correttamente o un oggetto AdminError se qualche
  65.      *  altro errore si è verificato.
  66.      * @return true se l'evento è valido
  67.      */
  68.     function validate($event&$result)
  69.     {
  70.         $author=$event->getAuthor();
  71.         if(is_a($event,"ActionEvent")){
  72.             switch ($event->getAction()){
  73.                 case "addArticle":
  74.                     if ($this->authManager->checkLogin($author)==false{
  75.                         $result $author;
  76.                         return false;
  77.                     }
  78.                     
  79.                     $contents $event->getParameter("contents");
  80.                     $title $event->getParameter("title");
  81.                     
  82.                     if ($contents == ""){
  83.                         $params $event->getParameters();
  84.                         $params["defaults""true";
  85.                         $result new AdminError("non hai specificato contenuti per l'articolo.",
  86.                             "AdminEditArticle",$params);
  87.                         return false;
  88.                     }
  89.                     if ($title == ""){
  90.                         $params $event->getParameters();
  91.                         $params["defaults""true";
  92.                         $result new AdminError("non hai specificato un titolo per l'articolo.",
  93.                             "AdminEditArticle"$params);
  94.                         return false;
  95.                     }
  96.                     
  97.                     return true;
  98.                     break;
  99.                 case "editArticle":
  100.                     $article $event->getArticle();
  101.                     if ($this->authManager->isEditAllowed($author,$article)==false{
  102.                         $result $author;
  103.                         return false;
  104.                     }   
  105.                     
  106.                     $contents $event->getParameter("contents");
  107.                     $title $event->getParameter("title");
  108.                     
  109.                     if ($contents == ""){
  110.                         $params $event->getParameters();
  111.                         $params["defaults""true";
  112.                         $result new AdminError("non hai specificato contenuti per l'articolo.",
  113.                             "AdminEditArticle",$params);
  114.                         return false;
  115.                     }
  116.                     if ($title == ""){
  117.                         $params $event->getParameters();
  118.                         $params["defaults""true";
  119.                         $result new AdminError("non hai specificato un titolo per l'articolo.",
  120.                             "AdminEditArticle"$params);
  121.                         return false;
  122.                     }
  123.                     
  124.                     return true;
  125.                     break;
  126.                 case "dropArticle":
  127.                     $article $event->getArticle();
  128.                     if ($this->authManager->isEditAllowed($author,$article)==false{
  129.                         $result $author;
  130.                         return false;
  131.                     }   
  132.                     return true;
  133.                     break;
  134.                 case "addAuthor":
  135.                     //Possono sempre iscriversi nuovi autori...
  136.                     $name $event->getParameter("name");
  137.                     $surname $event->getParameter("surname");
  138.                     $email $event->getParameter("email");
  139.                     $password $event->getParameter("password");
  140.             
  141.                     if ($name == ""){
  142.                         $params $event->getParameters();
  143.                         $params["defaults""true";
  144.                         $result new AdminError("non hai specificato il nome.",
  145.                             "AdminAddAuthor"$params);
  146.                         return false;
  147.                     }
  148.                     if ($surname == ""){
  149.                         $params $event->getParameters();
  150.                         $params["defaults""true";
  151.                         $result new AdminError("non hai specificato il cognome.",
  152.                             "AdminAddAuthor"$params);
  153.                         return false;
  154.                     }
  155.                     if ($password == "" || $password=="abc"){
  156.                         $params $event->getParameters();
  157.                         $params["defaults""true";
  158.                         $result new AdminError("non hai specificato la password.",
  159.                             "AdminAddAuthor"$params);
  160.                         return false;
  161.                     }
  162.                     if (preg_match("/^[^@]+@[^\.@]+\.[^\.]+$/i",$email)==0){
  163.                         $params $event->getParameters();
  164.                         $params["defaults""true";
  165.                         $result new AdminError("l'indirizzo email inserito non &egrave; corretto.",
  166.                             "AdminAddAuthor"$params);
  167.                         return false;
  168.                     }
  169.                     
  170.                     return true;
  171.                     break;
  172.                 case "editAuthor":
  173.                     if ($this->authManager->checkLogin($author)==false{
  174.                         $result $author;
  175.                         return false;
  176.                     }
  177.                     $name $event->getParameter("name");
  178.                     $surname $event->getParameter("surname");
  179.                     $email $event->getParameter("email");
  180.                     
  181.                     if ($name == ""){
  182.                         $params $event->getParameters();
  183.                         $params["defaults""true";
  184.                         $result new AdminError("non hai specificato il nome.",
  185.                             "AdminEditAuthor"$params);
  186.                         return false;
  187.                     }
  188.                     if ($surname == ""){
  189.                         $params $event->getParameters();
  190.                         $params["defaults""true";
  191.                         $result new AdminError("non hai specificato il cognome.",
  192.                             "AdminEditAuthor"$params);
  193.                         return false;
  194.                     }
  195.               
  196.                     if (preg_match("/^[^@]+@[^\.@]+\.[^\.]+$/i",$email)==0){
  197.                         $params $event->getParameters();
  198.                         $params["defaults""true";
  199.                         $result new AdminError("l'indirizzo email inserito non &egrave; corretto.",
  200.                             "AdminEditAuthor"$params);
  201.                         return false;
  202.                     }
  203.             
  204.                     return true;
  205.                     break;
  206.                 case "dropAuthor":
  207.                     if ($this->authManager->checkLogin($author)==false{
  208.                         $result $author;
  209.                         return false;
  210.                     }
  211.                     return true;
  212.                     break;
  213.                 case "addNews":
  214.                     if ($this->authManager->checkLogin($author)==false{
  215.                         $result $author;
  216.                         return false;
  217.                     }
  218.                     
  219.                     $contents =  $event->getParameter("contents");
  220.                     $title $event->getParameter("title");
  221.                     
  222.                     if ($contents == ""){
  223.                         $params $event->getParameters();
  224.                         $params["defaults""true";
  225.                         $result new AdminError("non hai specificato contenuti per la notizia.",
  226.                             "AdminEditNews",$params);
  227.                         return false;
  228.                     }
  229.                     if ($title == ""){
  230.                         $params $event->getParameters();
  231.                         $params["defaults""true";
  232.                         $result new AdminError("non hai specificato un titolo per la notizia.",
  233.                             "AdminEditNews"$params);
  234.                         return false;
  235.                     }
  236.             
  237.                     return true;
  238.                     break;
  239.                 case "editNews":
  240.                     $news $event->getNews();
  241.                     
  242.                     if ($this->authManager->isEditAllowed($author,$news)==false{
  243.                         $result $author;
  244.                         return false;
  245.                     }  
  246.                     
  247.                     $contents =  $event->getParameter("contents");
  248.                     $title $event->getParameter("title");
  249.                     
  250.                     if ($contents == ""){
  251.                         $params $event->getParameters();
  252.                         $params["defaults""true";
  253.                         $result new AdminError("non hai specificato contenuti per la notizia.",
  254.                             "AdminEditNews",$params);
  255.                         return false;
  256.                     }
  257.                     
  258.                     if ($title == ""){
  259.                         $params $event->getParameters();
  260.                         $params["defaults""true";
  261.                         $result new AdminError("non hai specificato un titolo per la notizia.",
  262.                             "AdminEditNews"$params);
  263.                         return false;
  264.                     }
  265.             
  266.                     return true;
  267.                     break;
  268.                 case "dropNews":
  269.                     $news $event->getNews();
  270.                     
  271.                     if ($this->authManager->isEditAllowed($author,$news)==false{
  272.                         $result $author;
  273.                         return false;
  274.                     }  
  275.     
  276.                     return true;
  277.                     break;
  278.                 case "addCategory":
  279.                     $site $event->getSite();
  280.                     if ($this->authManager->isEditAllowed($author,$site)==false{
  281.                         $result $author;
  282.                         return false;
  283.                     }
  284.                     $name $event->getParameter("name");
  285.             
  286.                     if ($name == ""){
  287.                         $params $event->getParameters();
  288.                         $params["defaults""true";
  289.                         $result new AdminError("non hai specificato un nome per la sezione.",
  290.                             "AdminEditCategory"$params);
  291.                         return false;
  292.                     }
  293.             
  294.                     return true;
  295.                     break;
  296.                 case "editCategory":
  297.                     $site $event->getSite();
  298.                     if ($this->authManager->isEditAllowed($author,$site)==false{
  299.                         $result $author;
  300.                         return false;
  301.                     }
  302.                                     
  303.                     $name $event->getParameter("name");
  304.             
  305.                     if ($name == ""){
  306.                         $params $event->getParameters();
  307.                         $params["defaults""true";
  308.                         $result new AdminError("non hai specificato un nome per la sezione.",
  309.                             "AdminEditCategory"$params);
  310.                         return false;
  311.                     }
  312.                     
  313.                     return true;
  314.                     break;
  315.                 case "dropCategory":
  316.                     $site $event->getSite();
  317.                     if ($this->authManager->isEditAllowed($author,$site)==false{
  318.                         $result $author;
  319.                         return false;
  320.                     }
  321.                     if ($site->getCategoriesCount()<=1){
  322.                         $params $event->getParameters();
  323.                         $result new AdminError("non puoi cancellare l'ultima sezione del sito!",
  324.                             "AdminListCategories"$params);
  325.                         return false;
  326.                     }
  327.                     return true;
  328.                     break;
  329.                 case "addSite":
  330.                     if ($this->authManager->checkLogin($author)==false{
  331.                         $result $author;
  332.                         return false;
  333.                     }
  334.                     $url $event->getParameter("name");
  335.                     if (preg_match('#^http://www(\.[a-zA-Z0-9]+){2,6}$#',$url)==0){
  336.                         $params $event->getParameters();
  337.                         $params["defaults""true";
  338.                         $result new AdminError("l'URL inserito non &egrave; corretto.",
  339.                             "AdminAddSite"$params);
  340.                         return false;
  341.                     }
  342.                     return true;
  343.                     break;
  344.                 case "dropSite":
  345.                     $site $event->getSite();
  346.                     if ($this->authManager->isEditAllowed($author,$site)==false{
  347.                         $result $author;
  348.                         return false;
  349.                     }
  350.                     return true;
  351.                     break;
  352.                 case "editComponents":
  353.                     $site $event->getSite();
  354.                     if ($this->authManager->isEditAllowed($author,$site)==false{
  355.                         $result $author;
  356.                         return false;
  357.                     }
  358.                     return true;
  359.                     break;
  360.                 case "editHomepage":
  361.                     $site $event->getSite();
  362.                     if ($this->authManager->isEditAllowed($author,$site)==false{
  363.                         $result $author;
  364.                         return false;
  365.                     }
  366.                     $contents=$event->getParameter("contents");
  367.                     $slogan=$event->getParameter("slogan");
  368.                     
  369.                     if ($slogan == ""){
  370.                         $params $event->getParameters();
  371.                         $params["defaults""true";
  372.                         $result new AdminError("non hai specificato uno slogan per l'homepage.",
  373.                             "AdminEditHomepage"$params);
  374.                         return false;
  375.                     }
  376.                     if ($contents == ""){
  377.                         $params $event->getParameters();
  378.                         $params["defaults""true";
  379.                         $result new AdminError("non hai specificato contenuti per l'homepage.",
  380.                             "AdminEditHomepage"$params);
  381.                         return false;
  382.                     }
  383.                     return true;
  384.                     break;
  385.                 case null:
  386.                     return true;
  387.                     break;
  388.                 default:
  389.                     print "Validator: unrecognized action ".$event->getAction()." <br />";
  390.                     break;
  391.             }
  392.         }
  393.         elseif(is_a($event,"GoToEvent")){
  394.             switch ($event->getParameter("goTo")) {
  395.                 case "AdminIndex":
  396.                 case "AdminAddAuthor":
  397.                     return true;
  398.                     break;
  399.                 case "AdminListNews":
  400.                 case "AdminListArticles":
  401.                 case "AdminManageSite":
  402.                 case "AdminAddSite":
  403.                 case "AdminEditAuthor":
  404.                 case "AdminDropAuthor":
  405.                     $result $author;
  406.                     return $this->checkLogin($author);
  407.                     break;
  408.                 case "AdminDropSite":
  409.                 case "AdminListCategories":
  410.                 case "AdminEditHomepage":
  411.                     $result $author;
  412.                     return $this->isEditAllowed($author$event->getSite());
  413.                     break;
  414.                 case "AdminDropNews":
  415.                     $result $author;
  416.                     return $this->isEditAllowed($author$event->getNews());
  417.                     break;
  418.                 case "AdminDropArticle":
  419.                     $result $author;
  420.                     return $this->isEditAllowed($author$event->getArticle());
  421.                     break;
  422.                 case "AdminDropCategory":
  423.                     $site $event->getSite();
  424.                     if ($site->getCategoriesCount()<=1){
  425.                         $params $event->getParameters();
  426.                         $result new AdminError("non puoi cancellare l'ultima sezione del sito!",
  427.                             "AdminListCategories"$params);
  428.                         return false;
  429.                     }
  430.                     $result $author;
  431.                     return $this->isEditAllowed($author$event->getCategory());
  432.                     break;
  433.                 case "AdminMain":
  434.                     //Se sono al primo login dopo la registrazione...
  435.                     if ($event->getParameter("action")=="addAuthor"{
  436.                         return true;
  437.                     }
  438.                     else {//login ordinario
  439.                         $result $author;
  440.                         return $this->checkLogin($author);
  441.                     }
  442.                     break;
  443.                 case "AdminEditNews":
  444.                     if ($event->getParameter("mode"== "new"{
  445.                         $result $author;
  446.                         return $this->checkLogin($author);
  447.                     }
  448.                     elseif ($event->getParameter("mode"== "edit"{
  449.                         $result $author;
  450.                         return $this->isEditAllowed($author$event->getNews());
  451.                     }
  452.                     break;
  453.                 case "AdminEditArticle":
  454.                     //Controlla i permessi e inizializza la pagina
  455.                     if ($event->getParameter("mode"== "new"{
  456.                         $result $author;
  457.                         return $this->checkLogin($author);
  458.                     }
  459.                     elseif ($event->getParameter("mode"== "edit"{
  460.                         $result $author;
  461.                         return $this->isEditAllowed($author$event->getArticle());
  462.                     }
  463.                     break;
  464.                 case "AdminEditCategory":
  465.                     //Modifica sezione
  466.                     if ($event->getParameter("mode"== "new"{
  467.                         $result $author;
  468.                         return $this->checkLogin($author);
  469.                     }
  470.                     elseif ($event->getParameter("mode"== "edit"{
  471.                         $result $author;
  472.                         return $this->isEditAllowed($author$event->getCategory());
  473.                     }
  474.                     break;
  475.                 default:
  476.                     print "NO GOTO page specified! ";
  477.                     break;
  478.             }
  479.         }
  480.     }
  481.     
  482.     function checkLogin($author)
  483.     {
  484.        return $this->authManager->checkLogin($author);
  485.     }
  486.         
  487.     function isEditAllowed($author$object)
  488.     {
  489.         return $this->authManager->isEditAllowed($author,$object);
  490.     }
  491. }
  492.  
  493. ?>

Documentation generated on Wed, 26 Jul 2006 21:45:02 +0200 by phpDocumentor 1.3.0RC6