func (s *mathCaptcha) ValidateCaptchaResult() error {
if s.CaptchaResult == "" {
return i18n.Errorfc("formutil", "please, enter the result of the operation")
}
r := -1
p, err := strconv.Atoi(s.CaptchaResult)
if err == nil {
r = p
}
if r != s.MathCaptchaA+s.MathCaptchaB {
return i18n.Errorfc("formutil", "incorrect result")
}
return nil
}
func (c *csrf) error(ctx *app.Context, err error) error {
c.failed = true
if _, err := c.generate(ctx); err != nil {
panic(err)
}
return i18n.Errorfc("form", "invalid CSRF token - please, submit the form again").Err(ctx)
}
// InputNamed takes a (generally) user-provided input string and parses it into the out
// parameter, which must be settable (this usually means you'll have to pass a pointer
// to this function). See the documentation on Parse() for a list of the supported types.
// If name is provided, it will be included in any error returned by this function.
// Additional constraints might be specified with the tag parameter, the ones currently
// supported are:
// - required: Marks the field as required, will return an error if it's empty.
// - optional: Marks the field as optional, will accept empty values.
// - max_length: Sets the maximum length for the input.
// - min_length: Sets the minimum length for the input.
// - alphanumeric: Requires the input to be only letters and numbers
//
// Finally, the required parameter indicates if the value should be considered required
// or optional in absence of the "required" and "optional" tag fields.
func InputNamed(name string, input string, out interface{}, tag *structs.Tag, required bool) error {
v, err := types.SettableValue(out)
if err != nil {
return err
}
if err := parse(input, v); err != nil {
return err
}
if v.Type().Kind() != reflect.Bool && tag != nil {
if ((required && !tag.Optional()) || tag.Required()) && input == "" {
return RequiredInputError(name)
}
if maxlen, ok := tag.MaxLength(); ok && len(input) > maxlen {
if name != "" {
return i18n.Errorfc("form", "%s is too long (maximum length is %d)", name, maxlen)
}
return i18n.Errorfc("form", "too long (maximum length is %d)", maxlen)
}
if minlen, ok := tag.MinLength(); ok && len(input) < minlen {
if name != "" {
return i18n.Errorfc("form", "%s is too short (minimum length is %d)", name, minlen)
}
return i18n.Errorfc("form", "too short (minimum length is %d)", minlen)
}
if tag.Alphanumeric() && len(input) > 0 && !alphanumericRe.MatchString(input) {
if name != "" {
return i18n.Errorfc("form", "%s must be alphanumeric", name)
}
return i18n.Errorfc("form", "must be alphanumeric")
}
}
return nil
}
func (f *Form) validate() {
if err := f.addCSRF(); err != nil {
panic(err)
}
for _, v := range f.fields {
inp := f.ctx.FormValue(v.HTMLName)
label := v.Label.TranslatedString(f.ctx)
if f.NamelessErrors {
label = ""
}
if v.Type.HasChoices() {
if inp == NotChosen {
v.err = i18n.Errorfc("form", "You must choose a value").Err(f.ctx)
continue
}
// Verify that the input mathces one of the available choices
choices := f.fieldChoices(v)
found := false
for _, c := range choices {
if inp == toHTMLValue(c.Value) {
found = true
break
}
}
if !found {
v.err = i18n.Errorfc("form", "%v is not a valid choice", inp).Err(f.ctx)
continue
}
}
if v.Type == FILE {
file, header, err := f.ctx.R.FormFile(v.HTMLName)
if err != nil && !v.Tag().Optional() {
v.err = input.RequiredInputError(label)
continue
}
if file != nil && header != nil {
value := &formFile{
file: file,
header: header,
}
v.value.Set(reflect.ValueOf(value))
}
} else {
if err := input.InputNamed(label, inp, v.SettableValue(), v.Tag(), true); err != nil {
v.err = i18n.TranslatedError(err, f.ctx)
continue
}
if v.Type == EMAIL && !v.Tag().Has("novalidate") {
// Don't validate empty emails. If we reached this point
// with an empty one, the field is optional.
if email, ok := v.Value().(string); ok && email != "" {
if _, err := mail.Validate(email, true); err != nil {
v.err = i18n.Errorfc("form", "%q is not a valid email address", email).Err(f.ctx)
continue
}
}
}
}
if err := structs.Validate(v.sval.Addr().Interface(), v.Name, f.ctx); err != nil {
v.err = i18n.TranslatedError(err, f.ctx)
continue
}
}
}
// RequiredInputError returns an error indicating that the parameter
// with the given name is required but it's missing. Note that this function
// is only exported to avoid user-visible string duplication and users should
// not use it.
func RequiredInputError(name string) error {
if name != "" {
return i18n.Errorfc("form", "%s is required", name)
}
return i18n.Errorfc("form", "required")
}