diff --git a/dblayer.php b/dblayer.php index d08f81a..82a4726 100644 --- a/dblayer.php +++ b/dblayer.php @@ -460,7 +460,52 @@ class dblayer extends PDO // Verify the fields, if $verify is defined, before doing insertion if (array_key_exists ($key, $datas)) $datasOK[$key] = $datas[$key]; + // Check for type inconsistencies if the value is provided + if ($datas[$key] !== "" && $params[0] === "integer") + { + if (strspn ($datas[$key], "0123456789") !== strlen ($datas[$key])) + throw new Exception (sprintf ( + _("Errors in consistency : '%s' is not an integer"), + $key), 405); + } + elseif ($datas[$key] !== "" && $params[0] === "varchar") + { + if (! isset ($params[1])) + throw new Exception (sprintf ( + _("The length of varchar field '%s' is not provided"), + $key), 500); + if (strlen ($datas[$key]) > $params[1]) + throw new Exception (sprintf ( + _("Errors in consistency : '%s' data is too long"), + $key), 405); + } + elseif ($datas[$key] !== "" && $params[0] === "datetime") + { + // The date format must be in ANSI SQL : YYYY-MM-DD HH:MM:SS + $d = DateTime::createFromFormat("Y-m-d H:i:s", $datas[$key]); + if (!$d || $d->format("Y-m-d H:i:s") !== $datas[$key]) + throw new Exception (sprintf ( + _("Incorrect datetime provided for field '%s'"), + $key), 500); + } + elseif ($datas[$key] !== "" && $params[0] === "date") + { + // The date format must be in ANSI SQL : YYYY-MM-DD + $d = DateTime::createFromFormat("Y-m-d", $datas[$key]); + if (!$d || $d->format("Y-m-d") !== $datas[$key]) + throw new Exception (sprintf ( + _("Incorrect date provided for field '%s'"), + $key), 500); + } + elseif ($datas[$key] !== "") + throw new Exception (sprintf (_("Unknown field type for '%s'"), $key), + 500); + else + { + // Nothing to do if the value is empty : just save it + } } + if (count ($datasOK) === 0) throw new Exception (_("Don't receive any field to display"), 501);