aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorVirtualTam <virtualtam@flibidi.net>2015-06-27 14:57:44 +0200
committerVirtualTam <virtualtam@flibidi.net>2015-07-09 00:44:19 +0200
commit9186ab95943b7c2467a0f27f30bed9db3c589b9d (patch)
treecfc8e4d2c8469ac16910c18d59a07b23d0348fbe
parent46d83c20d77276e9e94c54e31b29222f762e13dd (diff)
downloadShaarli-9186ab95943b7c2467a0f27f30bed9db3c589b9d.tar.gz
Shaarli-9186ab95943b7c2467a0f27f30bed9db3c589b9d.tar.zst
Shaarli-9186ab95943b7c2467a0f27f30bed9db3c589b9d.zip
LinkDB::filterDay(): check input date format
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
-rw-r--r--application/LinkDB.php5
-rw-r--r--application/Utils.php15
-rw-r--r--index.php8
-rw-r--r--tests/LinkDBTest.php23
-rw-r--r--tests/UtilsTest.php19
5 files changed, 58 insertions, 12 deletions
diff --git a/application/LinkDB.php b/application/LinkDB.php
index a673b086..82763618 100644
--- a/application/LinkDB.php
+++ b/application/LinkDB.php
@@ -375,7 +375,10 @@ You use the community supported version of the original Shaarli project, by Seba
375 */ 375 */
376 public function filterDay($day) 376 public function filterDay($day)
377 { 377 {
378 // TODO: check input format 378 if (! checkDateFormat('Ymd', $day)) {
379 throw new Exception('Invalid date format');
380 }
381
379 $filtered = array(); 382 $filtered = array();
380 foreach ($this->links as $l) { 383 foreach ($this->links as $l) {
381 if (startsWith($l['linkdate'], $day)) { 384 if (startsWith($l['linkdate'], $day)) {
diff --git a/application/Utils.php b/application/Utils.php
index 82220bfc..a1e97b35 100644
--- a/application/Utils.php
+++ b/application/Utils.php
@@ -69,4 +69,19 @@ function sanitizeLink(&$link)
69 $link['description'] = escape($link['description']); 69 $link['description'] = escape($link['description']);
70 $link['tags'] = escape($link['tags']); 70 $link['tags'] = escape($link['tags']);
71} 71}
72
73/**
74 * Checks if a string represents a valid date
75 *
76 * @param string a string-formatted date
77 * @param format the expected DateTime format of the string
78 * @return whether the string is a valid date
79 * @see http://php.net/manual/en/class.datetime.php
80 * @see http://php.net/manual/en/datetime.createfromformat.php
81 */
82function checkDateFormat($format, $string)
83{
84 $date = DateTime::createFromFormat($format, $string);
85 return $date && $date->format($string) == $string;
86}
72?> 87?>
diff --git a/index.php b/index.php
index 561f946e..5771dd88 100644
--- a/index.php
+++ b/index.php
@@ -957,7 +957,13 @@ function showDaily()
957 if ($i<count($days)-1) $nextday=$days[$i+1]; 957 if ($i<count($days)-1) $nextday=$days[$i+1];
958 } 958 }
959 959
960 $linksToDisplay=$LINKSDB->filterDay($day); 960 try {
961 $linksToDisplay = $LINKSDB->filterDay($day);
962 } catch (Exception $exc) {
963 error_log($exc);
964 $linksToDisplay = [];
965 }
966
961 // We pre-format some fields for proper output. 967 // We pre-format some fields for proper output.
962 foreach($linksToDisplay as $key=>$link) 968 foreach($linksToDisplay as $key=>$link)
963 { 969 {
diff --git a/tests/LinkDBTest.php b/tests/LinkDBTest.php
index ee8dbee3..8b0bd23b 100644
--- a/tests/LinkDBTest.php
+++ b/tests/LinkDBTest.php
@@ -396,19 +396,22 @@ class LinkDBTest extends PHPUnit_Framework_TestCase
396 396
397 /** 397 /**
398 * Use an invalid date format 398 * Use an invalid date format
399 * @expectedException Exception
400 * @expectedExceptionMessageRegExp /Invalid date format/
399 */ 401 */
400 public function testFilterInvalidDay() 402 public function testFilterInvalidDayWithChars()
401 { 403 {
402 $this->assertEquals( 404 self::$privateLinkDB->filterDay('Rainy day, dream away');
403 0, 405 }
404 sizeof(self::$privateLinkDB->filterDay('Rainy day, dream away'))
405 );
406 406
407 // TODO: check input format 407 /**
408 $this->assertEquals( 408 * Use an invalid date format
409 6, 409 * @expectedException Exception
410 sizeof(self::$privateLinkDB->filterDay('20')) 410 * @expectedExceptionMessageRegExp /Invalid date format/
411 ); 411 */
412 public function testFilterInvalidDayDigits()
413 {
414 self::$privateLinkDB->filterDay('20');
412 } 415 }
413 416
414 /** 417 /**
diff --git a/tests/UtilsTest.php b/tests/UtilsTest.php
index bbba99f2..90392dfb 100644
--- a/tests/UtilsTest.php
+++ b/tests/UtilsTest.php
@@ -74,5 +74,24 @@ class UtilsTest extends PHPUnit_Framework_TestCase
74 $this->assertTrue(endsWith('å!ùµ', 'ùµ', false)); 74 $this->assertTrue(endsWith('å!ùµ', 'ùµ', false));
75 $this->assertTrue(endsWith('µ$åù', 'åù', true)); 75 $this->assertTrue(endsWith('µ$åù', 'åù', true));
76 } 76 }
77
78 /**
79 * Check valid date strings, according to a DateTime format
80 */
81 public function testCheckValidDateFormat()
82 {
83 $this->assertTrue(checkDateFormat('Ymd', '20150627'));
84 $this->assertTrue(checkDateFormat('Y-m-d', '2015-06-27'));
85 }
86
87 /**
88 * Check erroneous date strings, according to a DateTime format
89 */
90 public function testCheckInvalidDateFormat()
91 {
92 $this->assertFalse(checkDateFormat('Ymd', '2015'));
93 $this->assertFalse(checkDateFormat('Y-m-d', '2015-06'));
94 $this->assertFalse(checkDateFormat('Ymd', 'DeLorean'));
95 }
77} 96}
78?> 97?>