1 files changed, 58 insertions, 1 deletions

diff --git a/frontends/php/include/validate.inc.php b/frontends/php/include/validate.inc.php
index ce1c6cc3..848a4099 100644
--- a/frontends/php/include/validate.inc.php
+++ b/frontends/php/include/validate.inc.php
@@ -54,6 +54,20 @@
 		return $ret;
 	}
 
+	function	calc_exp($field,$expression)
+	{
+		global $_REQUEST;
+
+		if(strstr($expression,"{}"))
+		{
+			if(!isset($_REQUEST[$field]))	return FALSE;
+		}
+		$exec = str_replace("{}",'$_REQUEST["'.$field.'"]',$expression);
+		$exec = "return ".$exec.'1;';
+//		echo $exec,"<br>";
+		return eval($exec);
+	}
+
 	function	check_fields($fields)
 	{
 		global	$_REQUEST;
@@ -62,7 +76,50 @@
 
 		foreach($fields as $field => $checks)
 		{
-			list($type,$opt,$table,$field,$validation,$exception)=$checks;
+			list($type,$opt,$table,$column,$validation,$exception)=$checks;
+
+
+			if($exception==NULL)	$except=FALSE;
+			else			$except=calc_exp($field,$exception);
+
+
+			if($opt == O_MAND &&	$exception)	$opt = O_NO;
+			else if($opt == O_OPT && $exception)	$opt = O_MAND;
+			else if($opt == O_NO && $exception)	$opt = O_MAND;
+
+			if($opt == O_MAND)
+			{
+				if(!isset($_REQUEST[$field]))
+				{
+					info("Field [".$field."] is mandatory"); $ret = 0; continue;
+				}
+			}
+
+			if($opt == O_NO)
+			{
+				if(isset($_REQUEST[$field]))
+				{
+					info("Field [".$field."] must be missing"); $ret = 0; continue;
+				}
+				else continue;
+			}
+
+
+			if( ($type == T_ZBX_INT) && !is_numeric($_REQUEST[$field])) {
+				info("Field [".$field."] is not integer"); $ret = 0; continue;
+			}
+
+			if( ($type == T_ZBX_DBL) && !is_numeric($_REQUEST[$field])) {
+				info("Field [".$field."] is not double"); $ret = 0; continue;
+			}
+
+			if($validation==NULL)	$valid=TRUE;
+			else			$valid=calc_exp($field,$validation);
+
+			if(!$valid)
+			{
+				info("Field [".$field."] is invalid"); $ret = 0; continue;
+			}
 		}
 		return $ret;
 	}