org.owasp.esapi.reference.validation

Class NumberValidationRule

java.lang.Object

org.owasp.esapi.reference.validation.BaseValidationRule

org.owasp.esapi.reference.validation.NumberValidationRule

All Implemented Interfaces:

ValidationRule

public class NumberValidationRule
extends BaseValidationRule

A validator performs syntax and possibly semantic validation of a single piece of data from an untrusted source.

Since:

June 1, 2007

See Also:

Validator

Field Summary

Fields

Modifier and Type	Field and Description
private static java.math.BigDecimal	bigBad
private double	maxValue
private double	minValue
private static java.math.BigDecimal	smallBad

Fields inherited from class org.owasp.esapi.reference.validation.BaseValidationRule

allowNull, encoder

Constructor Summary

Constructors

Constructor and Description
NumberValidationRule(java.lang.String typeName, Encoder encoder)
NumberValidationRule(java.lang.String typeName, Encoder encoder, double minValue, double maxValue)

Method Summary

Modifier and Type	Method and Description
java.lang.Double	getValid(java.lang.String context, java.lang.String input) Parse the input, throw exceptions if validation fails
private java.lang.Double	safelyParse(java.lang.String context, java.lang.String input)
java.lang.Double	sanitize(java.lang.String context, java.lang.String input) The method is similar to ValidationRuile.getSafe except that it returns a harmless object that may or may not have any similarity to the original input (in some cases you may not care).

Methods inherited from class org.owasp.esapi.reference.validation.BaseValidationRule

assertValid, charArrayToSet, getEncoder, getSafe, getTypeName, getValid, isAllowNull, isValid, setAllowNull, setEncoder, setTypeName, whitelist, whitelist

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

minValue

private double minValue

maxValue

private double maxValue

bigBad

private static java.math.BigDecimal bigBad

smallBad

private static java.math.BigDecimal smallBad

Constructor Detail

NumberValidationRule

public NumberValidationRule(java.lang.String typeName,
                            Encoder encoder)

NumberValidationRule

public NumberValidationRule(java.lang.String typeName,
                            Encoder encoder,
                            double minValue,
                            double maxValue)

Method Detail

getValid

public java.lang.Double getValid(java.lang.String context,
                                 java.lang.String input)
                          throws ValidationException

Parse the input, throw exceptions if validation fails

Parameters:

context - for logging

input - the value to be parsed

Returns:

a validated value

Throws:

ValidationException - if any validation rules fail

sanitize

public java.lang.Double sanitize(java.lang.String context,
                                 java.lang.String input)

The method is similar to ValidationRuile.getSafe except that it returns a harmless object that may or may not have any similarity to the original input (in some cases you may not care). In most cases this should be the same as the getSafe method only instead of throwing an exception, return some default value.

Specified by:

sanitize in class BaseValidationRule

Returns:

a parsed version of the input or a default value.

safelyParse

private java.lang.Double safelyParse(java.lang.String context,
                                     java.lang.String input)
                              throws ValidationException

Throws:

ValidationException