From 9186ab95943b7c2467a0f27f30bed9db3c589b9d Mon Sep 17 00:00:00 2001 From: VirtualTam Date: Sat, 27 Jun 2015 14:57:44 +0200 Subject: [PATCH] LinkDB::filterDay(): check input date format Signed-off-by: VirtualTam --- application/LinkDB.php | 5 ++++- application/Utils.php | 15 +++++++++++++++ index.php | 8 +++++++- tests/LinkDBTest.php | 23 +++++++++++++---------- tests/UtilsTest.php | 19 +++++++++++++++++++ 5 files changed, 58 insertions(+), 12 deletions(-) diff --git a/application/LinkDB.php b/application/LinkDB.php index a673b086..82763618 100644 --- a/application/LinkDB.php +++ b/application/LinkDB.php @@ -375,7 +375,10 @@ You use the community supported version of the original Shaarli project, by Seba */ public function filterDay($day) { - // TODO: check input format + if (! checkDateFormat('Ymd', $day)) { + throw new Exception('Invalid date format'); + } + $filtered = array(); foreach ($this->links as $l) { if (startsWith($l['linkdate'], $day)) { diff --git a/application/Utils.php b/application/Utils.php index 82220bfc..a1e97b35 100644 --- a/application/Utils.php +++ b/application/Utils.php @@ -69,4 +69,19 @@ function sanitizeLink(&$link) $link['description'] = escape($link['description']); $link['tags'] = escape($link['tags']); } + +/** + * Checks if a string represents a valid date + * + * @param string a string-formatted date + * @param format the expected DateTime format of the string + * @return whether the string is a valid date + * @see http://php.net/manual/en/class.datetime.php + * @see http://php.net/manual/en/datetime.createfromformat.php + */ +function checkDateFormat($format, $string) +{ + $date = DateTime::createFromFormat($format, $string); + return $date && $date->format($string) == $string; +} ?> diff --git a/index.php b/index.php index 561f946e..5771dd88 100644 --- a/index.php +++ b/index.php @@ -957,7 +957,13 @@ function showDaily() if ($ifilterDay($day); + try { + $linksToDisplay = $LINKSDB->filterDay($day); + } catch (Exception $exc) { + error_log($exc); + $linksToDisplay = []; + } + // We pre-format some fields for proper output. foreach($linksToDisplay as $key=>$link) { diff --git a/tests/LinkDBTest.php b/tests/LinkDBTest.php index ee8dbee3..8b0bd23b 100644 --- a/tests/LinkDBTest.php +++ b/tests/LinkDBTest.php @@ -396,19 +396,22 @@ class LinkDBTest extends PHPUnit_Framework_TestCase /** * Use an invalid date format + * @expectedException Exception + * @expectedExceptionMessageRegExp /Invalid date format/ */ - public function testFilterInvalidDay() + public function testFilterInvalidDayWithChars() { - $this->assertEquals( - 0, - sizeof(self::$privateLinkDB->filterDay('Rainy day, dream away')) - ); + self::$privateLinkDB->filterDay('Rainy day, dream away'); + } - // TODO: check input format - $this->assertEquals( - 6, - sizeof(self::$privateLinkDB->filterDay('20')) - ); + /** + * Use an invalid date format + * @expectedException Exception + * @expectedExceptionMessageRegExp /Invalid date format/ + */ + public function testFilterInvalidDayDigits() + { + self::$privateLinkDB->filterDay('20'); } /** diff --git a/tests/UtilsTest.php b/tests/UtilsTest.php index bbba99f2..90392dfb 100644 --- a/tests/UtilsTest.php +++ b/tests/UtilsTest.php @@ -74,5 +74,24 @@ class UtilsTest extends PHPUnit_Framework_TestCase $this->assertTrue(endsWith('å!ùµ', 'ùµ', false)); $this->assertTrue(endsWith('µ$åù', 'åù', true)); } + + /** + * Check valid date strings, according to a DateTime format + */ + public function testCheckValidDateFormat() + { + $this->assertTrue(checkDateFormat('Ymd', '20150627')); + $this->assertTrue(checkDateFormat('Y-m-d', '2015-06-27')); + } + + /** + * Check erroneous date strings, according to a DateTime format + */ + public function testCheckInvalidDateFormat() + { + $this->assertFalse(checkDateFormat('Ymd', '2015')); + $this->assertFalse(checkDateFormat('Y-m-d', '2015-06')); + $this->assertFalse(checkDateFormat('Ymd', 'DeLorean')); + } } ?> -- 2.41.0