1. class
  2. Tfish
  3. \
  4. CriteriaItem

CriteriaItem

class CriteriaItem

Represents a single clause in the WHERE component of a database query.

Add CriteriaItem to Criteria to build your queries. Please see the Tuskfish Developer Guide for a full explanation and examples.

Traits

IntegerCheck
Validate and range check integers.
ValidateString
Provides methods for validating UTF-8 character encoding and string composition.

Properties

$column
$value
$operator

Methods

bool
isInt(int $int, int $min = null, int $max = null)

Validate integer, optionally include range check.

from IntegerCheck
string
encodeEscapeUrl(string $url)

URL-encode and escape a query string for use in a URL.

from ValidateString
bool
isAlnum(string $alnum)

Check that a string is comprised solely of alphanumeric characters.

from ValidateString
bool
isAlnumUnderscore(string $alnumUnderscore)

Check that a string is comprised solely of alphanumeric characters and underscores.

from ValidateString
bool
isAlpha(string $alpha)

Check that a string is comprised solely of alphabetical characters.

from ValidateString
bool
isUtf8(string $text)

Check if the character encoding of text is UTF-8.

from ValidateString
string
trimString(mixed $text)

Cast to string, check UTF-8 encoding and strip trailing whitespace and control characters.

from ValidateString
__construct(string $column, mixed $value, string $operator = '=')

Constructor.

array
listPermittedOperators()

Provides a whitelist of permitted operators for use in database queries.

setColumn(string $value)

Specifies the column to use in a query clause.

setOperator(string $value)

Sets the operator (=, <, >, etc) to use in a query clause.

setValue(mixed $value)

Sets the value of a column to use in a query clause.

Details

in IntegerCheck at line 39
bool isInt(int $int, int $min = null, int $max = null)

Validate integer, optionally include range check.

Parameters

int $int Input to be tested.
int $min Minimum acceptable value.
int $max Maximum acceptable value.

Return Value

bool True if valid int and within optional range check, false otherwise.

in ValidateString at line 41
string encodeEscapeUrl(string $url)

URL-encode and escape a query string for use in a URL.

Trims, checks for UTF-8 compliance, rawurlencodes and then escapes with htmlspecialchars(). If you wish to use the data on a landing page you must decode it with htmlspecialchars_decode() followed by rawurldecode() in that order. But really, if you are using any characters that need to be encoded in the first place you should probably just stop.

Parameters

string $url Unescaped input URL.

Return Value

string Encoded and escaped URL.

in ValidateString at line 59
bool isAlnum(string $alnum)

Check that a string is comprised solely of alphanumeric characters.

Accented regional characters are rejected. This method is designed to be used to check database identifiers or object property names.

Parameters

string $alnum Input to be tested.

Return Value

bool True if valid alphanumerical string, false otherwise.

in ValidateString at line 77
bool isAlnumUnderscore(string $alnumUnderscore)

Check that a string is comprised solely of alphanumeric characters and underscores.

Accented regional characters are rejected. This method is designed to be used to check database identifiers or object property names.

Parameters

string $alnumUnderscore Input to be tested.

Return Value

bool True if valid alphanumerical or underscore string, false otherwise.

in ValidateString at line 95
bool isAlpha(string $alpha)

Check that a string is comprised solely of alphabetical characters.

Tolerates vanilla ASCII only. Accented regional characters are rejected. This method is designed to be used to check database identifiers or object property names.

Parameters

string $alpha Input to be tested.

Return Value

bool True if valid alphabetical string, false otherwise.

in ValidateString at line 113
bool isUtf8(string $text)

Check if the character encoding of text is UTF-8.

All strings received from external sources must be passed through this function, particularly prior to storage in the database.

Parameters

string $text Input string to check.

Return Value

bool True if string is UTF-8 encoded otherwise false.

in ValidateString at line 131
string trimString(mixed $text)

Cast to string, check UTF-8 encoding and strip trailing whitespace and control characters.

Removes trailing whitespace and control characters (ASCII <= 32 / UTF-8 points 0-32 inclusive), checks for UTF-8 character set and casts input to a string. Note that the data returned by this function still requires escaping at the point of use; it is not database or XSS safe.

As the input is cast to a string do NOT apply this function to non-string types (int, float, bool, object, resource, null, array, etc).

Parameters

mixed $text Input to be trimmed.

Return Value

string Trimmed and UTF-8 validated string.

at line 53
__construct(string $column, mixed $value, string $operator = '=')

Constructor.

Parameters

string $column Name of column in database table. Alphanumeric and underscore characters only.
mixed $value Value of the column.
string $operator See listPermittedOperators() for a list of acceptable operators.

at line 75
array listPermittedOperators()

Provides a whitelist of permitted operators for use in database queries.

Return Value

array Array of permitted operators for use in database queries.

at line 86
setColumn(string $value)

Specifies the column to use in a query clause.

Parameters

string $value Name of column.

at line 102
setOperator(string $value)

Sets the operator (=, <, >, etc) to use in a query clause.

Parameters

string $value An operator to use in a clause.

at line 118
setValue(mixed $value)

Sets the value of a column to use in a query clause.

Parameters

mixed $value Value of column.