Versions
Look up a class, method, property or event

CCaptchaValidator

Package system.validators
Inheritance class CCaptchaValidator » CValidator » CComponent
Since 1.0
Source Code framework/validators/CCaptchaValidator.php
CCaptchaValidator validates that the attribute value is the same as the verification code displayed in the CAPTCHA.

CCaptchaValidator should be used together with CCaptchaAction.

Public Properties

Hide inherited properties

PropertyTypeDescriptionDefined By
allowEmpty boolean whether the attribute value can be null or empty. CCaptchaValidator
attributes array list of attributes to be validated. CValidator
builtInValidators array list of built-in validators (name=>class) CValidator
caseSensitive boolean whether the comparison is case sensitive. CCaptchaValidator
enableClientValidation boolean whether to perform client-side validation. CValidator
except array list of scenarios that the validator should not be applied to. CValidator
message string the user-defined error message. CValidator
on array list of scenarios that the validator should be applied. CValidator
safe boolean whether attributes listed with this validator should be considered safe for massive assignment. CValidator
skipOnError boolean whether this validation rule should be skipped when there is already a validation error for the current attribute. CValidator

Protected Properties

Hide inherited properties

PropertyTypeDescriptionDefined By
captchaAction CCaptchaAction Returns the CAPTCHA action object. CCaptchaValidator

Public Methods

Hide inherited methods

MethodDescriptionDefined By
__call() Calls the named method which is not a class method. CComponent
__get() Returns a property value, an event handler list or a behavior based on its name. CComponent
__isset() Checks if a property value is null. CComponent
__set() Sets value of a component property. CComponent
__unset() Sets a component property to be null. CComponent
applyTo() Returns a value indicating whether the validator applies to the specified scenario. CValidator
asa() Returns the named behavior object. CComponent
attachBehavior() Attaches a behavior to this component. CComponent
attachBehaviors() Attaches a list of behaviors to the component. CComponent
attachEventHandler() Attaches an event handler to an event. CComponent
canGetProperty() Determines whether a property can be read. CComponent
canSetProperty() Determines whether a property can be set. CComponent
clientValidateAttribute() Returns the JavaScript needed for performing client-side validation. CCaptchaValidator
createValidator() Creates a validator object. CValidator
detachBehavior() Detaches a behavior from the component. CComponent
detachBehaviors() Detaches all behaviors from the component. CComponent
detachEventHandler() Detaches an existing event handler. CComponent
disableBehavior() Disables an attached behavior. CComponent
disableBehaviors() Disables all behaviors attached to this component. CComponent
enableBehavior() Enables an attached behavior. CComponent
enableBehaviors() Enables all behaviors attached to this component. CComponent
evaluateExpression() Evaluates a PHP expression or callback under the context of this component. CComponent
getEventHandlers() Returns the list of attached event handlers for an event. CComponent
hasEvent() Determines whether an event is defined. CComponent
hasEventHandler() Checks whether the named event has attached handlers. CComponent
hasProperty() Determines whether a property is defined. CComponent
raiseEvent() Raises an event. CComponent
validate() Validates the specified object. CValidator

Protected Methods

Hide inherited methods

MethodDescriptionDefined By
addError() Adds an error about the specified attribute to the active record. CValidator
getCaptchaAction() Returns the CAPTCHA action object. CCaptchaValidator
isEmpty() Checks if the given value is empty. CValidator
validateAttribute() Validates the attribute of the object. CCaptchaValidator

Property Details

allowEmpty property
public boolean $allowEmpty;

whether the attribute value can be null or empty. Defaults to false, meaning the attribute is invalid if it is empty.

captchaAction property read-only (available since v1.1.7)

Returns the CAPTCHA action object.

caseSensitive property
public boolean $caseSensitive;

whether the comparison is case sensitive. Defaults to false.

Method Details

clientValidateAttribute() method (available since v1.1.7)
public string clientValidateAttribute(CModel $object, string $attribute)
$object CModel the data object being validated
$attribute string the name of the attribute to be validated.
{return} string the client-side validation script.
Source Code: framework/validators/CCaptchaValidator.php#91 (show)
public function clientValidateAttribute($object,$attribute)
{
    
$captcha=$this->getCaptchaAction();
    
$message=$this->message!==null $this->message Yii::t('yii','The verification code is incorrect.');
    
$message=strtr($message, array(
        
'{attribute}'=>$object->getAttributeLabel($attribute),
    ));
    
$code=$captcha->getVerifyCode(false);
    
$hash=$captcha->generateValidationHash($this->caseSensitive $code strtolower($code));
    
$js="
var hash = jQuery('body').data('
{$this->captchaAction}.hash');
if (hash == null)
hash = 
$hash;
else
hash = hash["
.($this->caseSensitive 1)."];
for(var i=value.length-1, h=0; i >= 0; --i) h+=value."
.($this->caseSensitive '' 'toLowerCase().')."charCodeAt(i);
if(h != hash) {
messages.push("
.CJSON::encode($message).");
}
"
;

    if(
$this->allowEmpty)
    {
        
$js="
if(jQuery.trim(value)!='') {
$js
}
"
;
    }

    return 
$js;
}

Returns the JavaScript needed for performing client-side validation.

getCaptchaAction() method (available since v1.1.7)
protected CCaptchaAction getCaptchaAction()
{return} CCaptchaAction the action object
Source Code: framework/validators/CCaptchaValidator.php#64 (show)
protected function getCaptchaAction()
{
    if((
$captcha=Yii::app()->getController()->createAction($this->captchaAction))===null)
    {
        if(
strpos($this->captchaAction,'/')!==false// contains controller or module
        
{
            if((
$ca=Yii::app()->createController($this->captchaAction))!==null)
            {
                list(
$controller,$actionID)=$ca;
                
$captcha=$controller->createAction($actionID);
            }
        }
        if(
$captcha===null)
            throw new 
CException(Yii::t('yii','CCaptchaValidator.action "{id}" is invalid. Unable to find such an action in the current controller.',
                    array(
'{id}'=>$this->captchaAction)));
    }
    return 
$captcha;
}

Returns the CAPTCHA action object.

validateAttribute() method
protected void validateAttribute(CModel $object, string $attribute)
$object CModel the object being validated
$attribute string the attribute being validated
Source Code: framework/validators/CCaptchaValidator.php#44 (show)
protected function validateAttribute($object,$attribute)
{
    
$value=$object->$attribute;
    if(
$this->allowEmpty && $this->isEmpty($value))
        return;
    
$captcha=$this->getCaptchaAction();
    
// reason of array checking is explained here: https://github.com/yiisoft/yii/issues/1955
    
if(is_array($value) || !$captcha->validate($value,$this->caseSensitive))
    {
        
$message=$this->message!==null?$this->message:Yii::t('yii','The verification code is incorrect.');
        
$this->addError($object,$attribute,$message);
    }
}

Validates the attribute of the object. If there is any error, the error message is added to the object.

Total 1 comment

#17323 report it
got 2 doodle at 2014/05/23 10:25am
Use of 'except' in admin panel

I had a scenario where events submitted on the front end where later approved by an administrator in the backend. On the front end I required Captcha but not for a logged in administrator.

Model validation rule for the captcha was.

array('verifyCode', 'captcha', 'allowEmpty'=>!CCaptcha::checkRequirements(),'except'=>'admin'),

Captcha is required except if the scenario is 'admin'

I modified the loadModel function to set the scenario, this satisfied the requirement for approve and update actions.

public function loadModel($id)
    {
        $model=Event::model()->findByPk((int)$id);
        if($model===null)
            throw new CHttpException(404,'The requested page does not exist.');
                $model->scenario = 'admin';
        return $model;
    }

I also had to set the scenario in the create action.

public function actionCreate()
    {
        $model=new Event;
                $model->scenario = 'admin';

Now the admin can create, approve and modify the record without requiring Captcha

I hope this helps you out!

Leave a comment

Please to leave your comment.