diff options
author | VirtualTam <virtualtam@flibidi.net> | 2015-06-27 14:57:44 +0200 |
---|---|---|
committer | VirtualTam <virtualtam@flibidi.net> | 2015-07-09 00:44:19 +0200 |
commit | 9186ab95943b7c2467a0f27f30bed9db3c589b9d (patch) | |
tree | cfc8e4d2c8469ac16910c18d59a07b23d0348fbe | |
parent | 46d83c20d77276e9e94c54e31b29222f762e13dd (diff) | |
download | Shaarli-9186ab95943b7c2467a0f27f30bed9db3c589b9d.tar.gz Shaarli-9186ab95943b7c2467a0f27f30bed9db3c589b9d.tar.zst Shaarli-9186ab95943b7c2467a0f27f30bed9db3c589b9d.zip |
LinkDB::filterDay(): check input date format
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
-rw-r--r-- | application/LinkDB.php | 5 | ||||
-rw-r--r-- | application/Utils.php | 15 | ||||
-rw-r--r-- | index.php | 8 | ||||
-rw-r--r-- | tests/LinkDBTest.php | 23 | ||||
-rw-r--r-- | tests/UtilsTest.php | 19 |
5 files changed, 58 insertions, 12 deletions
diff --git a/application/LinkDB.php b/application/LinkDB.php index a673b086..82763618 100644 --- a/application/LinkDB.php +++ b/application/LinkDB.php | |||
@@ -375,7 +375,10 @@ You use the community supported version of the original Shaarli project, by Seba | |||
375 | */ | 375 | */ |
376 | public function filterDay($day) | 376 | public function filterDay($day) |
377 | { | 377 | { |
378 | // TODO: check input format | 378 | if (! checkDateFormat('Ymd', $day)) { |
379 | throw new Exception('Invalid date format'); | ||
380 | } | ||
381 | |||
379 | $filtered = array(); | 382 | $filtered = array(); |
380 | foreach ($this->links as $l) { | 383 | foreach ($this->links as $l) { |
381 | if (startsWith($l['linkdate'], $day)) { | 384 | if (startsWith($l['linkdate'], $day)) { |
diff --git a/application/Utils.php b/application/Utils.php index 82220bfc..a1e97b35 100644 --- a/application/Utils.php +++ b/application/Utils.php | |||
@@ -69,4 +69,19 @@ function sanitizeLink(&$link) | |||
69 | $link['description'] = escape($link['description']); | 69 | $link['description'] = escape($link['description']); |
70 | $link['tags'] = escape($link['tags']); | 70 | $link['tags'] = escape($link['tags']); |
71 | } | 71 | } |
72 | |||
73 | /** | ||
74 | * Checks if a string represents a valid date | ||
75 | * | ||
76 | * @param string a string-formatted date | ||
77 | * @param format the expected DateTime format of the string | ||
78 | * @return whether the string is a valid date | ||
79 | * @see http://php.net/manual/en/class.datetime.php | ||
80 | * @see http://php.net/manual/en/datetime.createfromformat.php | ||
81 | */ | ||
82 | function checkDateFormat($format, $string) | ||
83 | { | ||
84 | $date = DateTime::createFromFormat($format, $string); | ||
85 | return $date && $date->format($string) == $string; | ||
86 | } | ||
72 | ?> | 87 | ?> |
@@ -957,7 +957,13 @@ function showDaily() | |||
957 | if ($i<count($days)-1) $nextday=$days[$i+1]; | 957 | if ($i<count($days)-1) $nextday=$days[$i+1]; |
958 | } | 958 | } |
959 | 959 | ||
960 | $linksToDisplay=$LINKSDB->filterDay($day); | 960 | try { |
961 | $linksToDisplay = $LINKSDB->filterDay($day); | ||
962 | } catch (Exception $exc) { | ||
963 | error_log($exc); | ||
964 | $linksToDisplay = []; | ||
965 | } | ||
966 | |||
961 | // We pre-format some fields for proper output. | 967 | // We pre-format some fields for proper output. |
962 | foreach($linksToDisplay as $key=>$link) | 968 | foreach($linksToDisplay as $key=>$link) |
963 | { | 969 | { |
diff --git a/tests/LinkDBTest.php b/tests/LinkDBTest.php index ee8dbee3..8b0bd23b 100644 --- a/tests/LinkDBTest.php +++ b/tests/LinkDBTest.php | |||
@@ -396,19 +396,22 @@ class LinkDBTest extends PHPUnit_Framework_TestCase | |||
396 | 396 | ||
397 | /** | 397 | /** |
398 | * Use an invalid date format | 398 | * Use an invalid date format |
399 | * @expectedException Exception | ||
400 | * @expectedExceptionMessageRegExp /Invalid date format/ | ||
399 | */ | 401 | */ |
400 | public function testFilterInvalidDay() | 402 | public function testFilterInvalidDayWithChars() |
401 | { | 403 | { |
402 | $this->assertEquals( | 404 | self::$privateLinkDB->filterDay('Rainy day, dream away'); |
403 | 0, | 405 | } |
404 | sizeof(self::$privateLinkDB->filterDay('Rainy day, dream away')) | ||
405 | ); | ||
406 | 406 | ||
407 | // TODO: check input format | 407 | /** |
408 | $this->assertEquals( | 408 | * Use an invalid date format |
409 | 6, | 409 | * @expectedException Exception |
410 | sizeof(self::$privateLinkDB->filterDay('20')) | 410 | * @expectedExceptionMessageRegExp /Invalid date format/ |
411 | ); | 411 | */ |
412 | public function testFilterInvalidDayDigits() | ||
413 | { | ||
414 | self::$privateLinkDB->filterDay('20'); | ||
412 | } | 415 | } |
413 | 416 | ||
414 | /** | 417 | /** |
diff --git a/tests/UtilsTest.php b/tests/UtilsTest.php index bbba99f2..90392dfb 100644 --- a/tests/UtilsTest.php +++ b/tests/UtilsTest.php | |||
@@ -74,5 +74,24 @@ class UtilsTest extends PHPUnit_Framework_TestCase | |||
74 | $this->assertTrue(endsWith('å!ùµ', 'ùµ', false)); | 74 | $this->assertTrue(endsWith('å!ùµ', 'ùµ', false)); |
75 | $this->assertTrue(endsWith('µ$åù', 'åù', true)); | 75 | $this->assertTrue(endsWith('µ$åù', 'åù', true)); |
76 | } | 76 | } |
77 | |||
78 | /** | ||
79 | * Check valid date strings, according to a DateTime format | ||
80 | */ | ||
81 | public function testCheckValidDateFormat() | ||
82 | { | ||
83 | $this->assertTrue(checkDateFormat('Ymd', '20150627')); | ||
84 | $this->assertTrue(checkDateFormat('Y-m-d', '2015-06-27')); | ||
85 | } | ||
86 | |||
87 | /** | ||
88 | * Check erroneous date strings, according to a DateTime format | ||
89 | */ | ||
90 | public function testCheckInvalidDateFormat() | ||
91 | { | ||
92 | $this->assertFalse(checkDateFormat('Ymd', '2015')); | ||
93 | $this->assertFalse(checkDateFormat('Y-m-d', '2015-06')); | ||
94 | $this->assertFalse(checkDateFormat('Ymd', 'DeLorean')); | ||
95 | } | ||
77 | } | 96 | } |
78 | ?> | 97 | ?> |