Commit 95ef0dfc authored by enured's avatar enured

added documentation and edited sanitize default setting.

parent f3656982
Pipeline #6506 failed with stages
in 1 minute and 52 seconds
......@@ -141,7 +141,7 @@ Sanitize class
{{name:store:**sanitize**:escape:default:message}}
Values in STORE_CLIENT *C* (Client=Browser) and STORE_FORM *F* (Form, HTTP 'post') are checked against a
sanitize class. Values from other stores are *not* checked against any sanitize class, even if a sanitize class is specified.
sanitize class. Values from other stores are *not* checked against any sanitize class, unless a sanitize class is specified.
* Variables get by default the sanitize class defined in the corresponding `FormElement`. If not defined,
the default class is ``digit``.
......
......@@ -175,6 +175,14 @@ class Store {
self::fillStoreSip();
}
/**
* @param $storeName
* @return bool - true if store accepts sanitize class
*/
public function getSanitizeStore($storeName){
return self::sanitizeStore[$storeName];
}
/**
* Returns a pointer to this Class.
*
......
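Review bot: `getSanitizeStore()` indexes `self::sanitizeStore[$storeName]` with no fallback, so a store name missing from the map yields null and an undefined-index notice rather than the documented bool. This value apparently decides whether a store's values are checked against a sanitize class, so a caller that treats a falsy result as "skip the check" would fail open for unknown stores. A fail-closed default such as `return self::sanitizeStore[$storeName] ?? true;`, or throwing for an unknown store, would be safer. The declaration of `sanitizeStore` is outside the hunk; if it is a static property rather than a class constant, the access has to be `self::$sanitizeStore`. The docblock could also state the type, `@param string $storeName`.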
......@@ -468,4 +468,25 @@ class StoreTest extends TestCase {
$this->assertEquals(array(), $this->store->getStore('unknownstore'));
}
/**
* @throws \CodeException
* @throws \UserFormException
*/
public function testSanitizeNonDefault() {
foreach ([STORE_FORM, STORE_RECORD, STORE_SIP, STORE_BEFORE, STORE_PARENT_RECORD,
STORE_TABLE_DEFAULT, STORE_TABLE_COLUMN_TYPES, STORE_CLIENT, STORE_TYPO3,
STORE_VAR, STORE_SYSTEM, STORE_USER, STORE_LDAP] as $storeName) {
$this->store->setVar('color', 'green', $storeName);
if ($this->store->sanitizeStore($storeName)) {
$this->assertEquals('!!digit!!', $this->store->getVar('color', $storeName, SANITIZE_ALLOW_DIGIT), "Retrieve 'color' from STORE $storeName");
}
}
# var is not in R but in C. No sanatize given: C should complain
$this->store->setVar('color1', 'green', STORE_CLIENT);
$this->assertEquals('!!digit!!', $this->store->getVar('color1', 'RC'), "Retrieve 'color' from STORE_FORM");
}
}
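Review bot: The loop condition `if ($this->store->sanitizeStore($storeName))` calls `sanitizeStore()` as a method, while the accessor this commit adds to `Store` is named `getSanitizeStore()`. Unless a method of that name exists outside the visible hunks, the call will fail and should read `$this->store->getSanitizeStore($storeName)`. The assertion also runs only when the check returns true, so the test verifies nothing for stores that are not sanitized; an `else` branch asserting that `'green'` comes back unchanged would pin that behaviour and catch a store that silently changes category. In the last assertion the message says `"Retrieve 'color' from STORE_FORM"` although it reads `color1` via `'RC'`, and the comment above it spells "sanatize".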