X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/mfinanz.git/blobdiff_plain/2354f07df49eba13d18601fc97e0cb83fa34d561..36d1d6a42c18b4c7743c24ff3ebf02e81c470f7b:/js/kivi.js
diff --git a/js/kivi.js b/js/kivi.js
index daf360b23..c6b707473 100644
--- a/js/kivi.js
+++ b/js/kivi.js
@@ -61,8 +61,16 @@ namespace("kivi", function(ns) {
 amount = amount.replace(/[\',]/g, "")
+ // Make sure no code wich is not a math expression ends up in eval().
+ if (!amount.match(/^[0-9 ()\-+*/.]*$/))
+ return 0;
+
 /* jshint -W061 */
- return eval(amount);
+ try {
+ return eval(amount);
+ } catch (err) {
+ return 0;
+ }
 };
 ns.round_amount = function(amount, places) {
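Review bot: The allowlist in front of `eval(amount)` restricts the characters but not the result, so this path can still return something other than a finite number: the pattern ends in `*`, so an empty string passes and `eval("")` yields `undefined`, `1/0` yields `Infinity`, and a slash-delimited string such as `/1/` is evaluated as a regular-expression literal. I would check the value before returning it, e.g. `var result = eval(amount);` followed by `return (typeof result === 'number' && isFinite(result)) ? result : 0;` inside the `try`. Both new `return 0` branches also make rejected input indistinguishable from a genuine zero amount, which deserves a comment or a caller-visible signal in accounting code; longer term a small arithmetic parser would remove the `eval` entirely. The enclosing function starts above the hunk, so any earlier empty-string guard is not visible here.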
@@ -474,6 +482,62 @@ namespace("kivi", function(ns) {
 return false;
 };
+
+ // Performs various validation steps on the descendants of
+ // 'selector'. Elements that should be validated must have an
+ // attribute named "data-validate" which is set to a space-separated
+ // list of tests to perform. Additionally, the attribute
+ // "data-title" must be set to a human-readable name of the field
+ // that can be shown as part of an error message.
+ //
+ // Supported validation tests are:
+ // - "required": the field must be set (its .val() must not be empty)
+ //
+ // The validation will abort and return "false" as soon as
+ // validation routine fails.
+ //
+ // The function returns "true" if all validations succeed for all
+ // elements.
+ ns.validate_form = function(selector) {
+ var validate_field = function(elt) {
+ var $elt = $(elt);
+ var tests = $elt.data('validate').split(/ +/);
+ var info = {
+ title: $elt.data('title'),
+ value: $elt.val(),
+ };
+
+ for (var test_idx in tests) {
+ var test = tests[test_idx];
+
+ if (test === "required") {
+ if ($elt.val() === '') {
+ alert(kivi.t8("The field '#{title}' must be set.", info));
+ return false;
+ }
+
+ } else {
+ var error = "kivi.validate_form: unknown test '" + test + "' for element ID '" + $elt.prop('id') + "'";
+ console.error(error);
+ alert(error);
+
+ return false;
+ }
+ }
+
+ return true;
+ };
+
+ selector = selector || '#form';
+ var ok = true;
+ var to_check = $(selector + ' [data-validate]').toArray();
+
+ for (var to_check_idx in to_check)
+ if (!validate_field(to_check[to_check_idx]))
+ return false;
+
+ return true;
+ };
 });
 kivi = namespace('kivi');
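Review bot: The `required` test in `validate_field` compares `$elt.val() === ''`, so a `null` value (which jQuery can return for a `<select>` with nothing selected) or a whitespace-only string counts as set; consider `var value = $elt.val();` and `if (value == null || $.trim(String(value)) === '')`. This check runs only in the browser, so whatever receives the form presumably still has to enforce the same required fields, and the header comment should say so: `// Client-side convenience only; the server must re-validate.` Smaller points: `var ok = true;` is never read, and both `for … in` loops iterate arrays, where an index loop or `$.each` avoids picking up enumerable properties added to `Array.prototype`.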