Commit ca7f737d authored by Carsten  Rose's avatar Carsten Rose
Browse files

Merge branch '5309-min-max-to-parameter-field'

parents cfa3d8ea 39e7d02f
......@@ -983,10 +983,6 @@ Only in FormElement:
+------------------+------+-------+-----------------------------------------------------------------------------------------+
| **email** | Form | Query | [a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,} |
+------------------+------+-------+-----------------------------------------------------------------------------------------+
| **min|max** | Form | | Compares the value against an lower and upper limit (numeric or string). |
+------------------+------+-------+-----------------------------------------------------------------------------------------+
| **min|max date** | Form | | Compares the value against an lower and upper date or datetime. |
+------------------+------+-------+-----------------------------------------------------------------------------------------+
| **pattern** | Form | | Compares the value against a regexp. |
+------------------+------+-------+-----------------------------------------------------------------------------------------+
......@@ -2327,7 +2323,6 @@ Fields:
+---------------------+-----------------------------+-----------------------------------------------------------------------------------------------------+
|Check Type | enum('alnumx','digit', | _`field-checktype` |
| | 'numerical','email', | |
| | 'min|max','min|max date', | |
| | 'pattern','allbut','all') | |
+---------------------+-----------------------------+-----------------------------------------------------------------------------------------------------+
|Check Pattern | 'regexp' |_`field-checkpattern`: If $checkType=='pattern': pattern to match |
......@@ -2495,6 +2490,12 @@ See also at specific *FormElement* definitions.
+------------------------+--------+----------------------------------------------------------------------------------------------------------+
| fillStoreVar | string | Fill the STORE_VAR with custom values. See `STORE_VARS`_. |
+------------------------+--------+----------------------------------------------------------------------------------------------------------+
| min | s/d/n | Minimum and/or maximum allowed values for input field. Can be used for numbers, dates, or strings. |
+------------------------+--------+ |
| max | s/d/n | *Always use the international format 'yyyy-mm-dd[ hh:mm[:ss]]* |
+------------------------+--------+----------------------------------------------------------------------------------------------------------+
* `s/d/n`: string or date or number.
Effect matrix
......
......@@ -94,7 +94,7 @@ Features
Bug Fixes
^^^^^^^^^
* Bug in sendeEmail: invalid SSL_version specified at /usr/share/perl5/IO/Socket/SSL.pm line 575. Patch for sendEmail (see https://unix.stackexchange.com/a/68952).
* Bug in sendEmail: invalid SSL_version specified at /usr/share/perl5/IO/Socket/SSL.pm line 575. Patch for sendEmail (see https://unix.stackexchange.com/a/68952).
Version 0.25.8
......
......@@ -1130,6 +1130,7 @@ abstract class AbstractBuildForm {
$attribute .= Support::doAttribute('data-load', ($formElement[FE_DYNAMIC_UPDATE] === 'yes') ? 'data-load' : '');
$attribute .= Support::doAttribute('title', $formElement[FE_TOOLTIP]);
$attribute .= $this->getInputCheckPattern($formElement[FE_CHECK_TYPE], $formElement[FE_CHECK_PATTERN]);
$attribute .= $this->getAttributeList($formElement, [FE_MIN, FE_MAX]);
$attribute .= $this->getAttributeFeMode($formElement[FE_MODE], false);
......@@ -1399,16 +1400,6 @@ abstract class AbstractBuildForm {
}
switch ($type) {
case SANITIZE_ALLOW_MIN_MAX:
case SANITIZE_ALLOW_MIN_MAX_DATE:
$arrData = explode("|", $data);
if (count($arrData) != 2 || $arrData[0] == '' || $arrData[1] == '')
throw new UserFormException("Missing MIN|MAX values", ERROR_MISSING_MIN_MAX);
$attribute = 'min="' . $arrData[0] . '" ';
$attribute .= 'max="' . $arrData[1] . '" ';
break;
case SANITIZE_ALLOW_PATTERN:
$attribute = 'pattern="' . $data . '" ';
break;
......@@ -3087,8 +3078,6 @@ abstract class AbstractBuildForm {
$attribute .= Support::doAttribute('name', $htmlFormElementName);
$attribute .= Support::doAttribute('class', 'form-control');
$arrMinMax = null;
$this->adjustMaxLength($formElement);
$showTime = ($formElement[FE_TYPE] == 'time' || $formElement[FE_TYPE] == 'datetime') ? 1 : 0;
if ($value == 'CURRENT_TIMESTAMP') {
......@@ -3104,12 +3093,6 @@ abstract class AbstractBuildForm {
case SANITIZE_ALLOW_PATTERN:
$formElement[FE_CHECK_PATTERN] = $tmpPattern;
break;
case SANITIZE_ALLOW_MIN_MAX_DATE:
$arrMinMax = explode('|', $formElement[FE_CHECK_PATTERN], 2);
if (count($arrMinMax) != 2) {
throw new UserFormException('Missing min|max definition', ERROR_MISSING_MIN_MAX);
}
break;
case SANITIZE_ALLOW_ALL:
case SANITIZE_ALLOW_ALNUMX:
case SANITIZE_ALLOW_ALLBUT:
......@@ -3161,11 +3144,7 @@ abstract class AbstractBuildForm {
$attribute .= Support::doAttribute('data-load', ($formElement[FE_DYNAMIC_UPDATE] === 'yes') ? 'data-load' : '');
$attribute .= Support::doAttribute('title', $formElement[FE_TOOLTIP]);
$attribute .= $this->getInputCheckPattern($formElement[FE_CHECK_TYPE], $formElement[FE_CHECK_PATTERN]);
if (is_array($arrMinMax)) {
$attribute .= Support::doAttribute('min', $arrMinMax[0]);
$attribute .= Support::doAttribute('max', $arrMinMax[1]);
}
$attribute .= $this->getAttributeList($formElement, [FE_MIN, FE_MAX]);
$json = $this->getFormElementForJson($htmlFormElementName, $value, $formElement);
......
......@@ -146,8 +146,6 @@ const ERROR_UNKNOWN_FORWARD_MODE = 1036;
const ERROR_MISSING_HIDDEN_FIELD_IN_SIP = 1038;
const ERROR_MISSING_MIN_MAX = 1040;
const ERROR_MIN_MAX_VIOLATION = 1041;
const ERROR_UNKNOWN_CHECKTYPE = 1042;
const ERROR_PATTERN_VIOLATION = 1043;
const ERROR_RECORDID_0_FORBIDDEN = 1044;
......@@ -188,6 +186,8 @@ const ERROR_QFQ_VERSION = 1079;
const ERROR_PLAY_SQL_FILE = 1080;
const ERROR_MISSING_FILE_NAME = 1081;
const ERROR_MAX_FILE_SIZE_TOO_BIG = 1082;
const ERROR_SMALLER_THAN_MIN = 1083;
const ERROR_LARGER_THAN_MAX = 1084;
// Subrecord
const ERROR_SUBRECORD_MISSING_COLUMN_ID = 1100;
......@@ -965,6 +965,9 @@ const FE_IMAGE_CUT_ORIGINAL_EXTENSION = '.save';
const FE_FLAG_ROW_OPEN_TAG = '_flagRowOpenTag'; // will be automatically computed during Formload: true | false
const FE_FLAG_ROW_CLOSE_TAG = '_flagRowCloseTag'; // will be automatically computed during Formload: true | false
const FE_MIN = 'min';
const FE_MAX = 'max';
const RETYPE_FE_NAME_EXTENSION = 'RETYPE';
const TYPEAHEAD_PLACEHOLDER = '?';
......
......@@ -58,7 +58,7 @@ class Evaluate {
}
/**
* Evaluate a whole array or a array of arrays.
* Evaluate a whole array or an array of arrays.
*
* @param $tokenArray
* @param array $skip Optional Array with keynames, which will not be evaluated.
......
......@@ -654,7 +654,7 @@ class QuickFormQuery {
$formSpec = $this->eval->parseArray($form);
// Setting defaults later is to late.
// Setting defaults later is too late.
if (!isset($formSpec[F_DB_INDEX_DATA])) {
$formSpec[F_DB_INDEX_DATA] = $this->dbIndexData;
}
......
......@@ -98,6 +98,10 @@ $UPDATE_ARRAY = array(
"ALTER TABLE `FormElement` CHANGE `type` `type` ENUM( 'checkbox', 'date', 'datetime', 'dateJQW', 'datetimeJQW', 'extra', 'gridJQW', 'text', 'editor', 'annotate', 'imageCut', 'time', 'note', 'password', 'radio', 'select', 'subrecord', 'upload', 'fieldset', 'pill', 'templateGroup', 'beforeLoad', 'beforeSave', 'beforeInsert', 'beforeUpdate', 'beforeDelete', 'afterLoad', 'afterSave', 'afterInsert', 'afterUpdate', 'afterDelete', 'sendMail', 'paste' ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'text';",
],
'0.25.11' => [
"UPDATE FormElement SET parameter = CONCAT(parameter, '\nmin = ', SUBSTRING_INDEX(checkPattern, '|', 1), '\nmax = ', SUBSTRING_INDEX(checkPattern, '|', -1)) WHERE checkType LIKE 'min|max%' AND checkPattern <> ''",
"ALTER TABLE `FormElement` CHANGE `checkType` `checkType` ENUM('alnumx','digit','numerical','email','pattern','allbut','all') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'alnumx';",
],
);
......
......@@ -32,71 +32,18 @@ class Sanitize {
* If check fails, depending on $mode, throws an UserException or return an empty string.
*
* @param string $value value to check
* @param string $sanitizeClass SANITIZE_ALLOW_*
* @param string $patternOrRange Pattern as regexp or MIN|MAX values
* @param string $sanitizeClass
* @param string $pattern Pattern as regexp
* @param string $mode SANITIZE_EXCEPTION | SANITIZE_EMPTY_STRING
*
* @return string
* @throws UserFormException
* @throws \qfq\CodeException
*/
public static function sanitize($value, $sanitizeClass = SANITIZE_DEFAULT, $patternOrRange = '', $mode = SANITIZE_EMPTY_STRING) {
$pattern = '';
$minMax = array();
$valueCompare = '';
$errorCode = 0;
$errorText = '';
// Prepare MIN|MAX
public static function sanitize($value, $sanitizeClass = SANITIZE_DEFAULT, $pattern = '', $mode = SANITIZE_EMPTY_STRING) {
// Prepare pattern check
switch ($sanitizeClass) {
case SANITIZE_ALLOW_MIN_MAX:
$minMax = explode('|', $patternOrRange);
$valueCompare = $value;
break;
case SANITIZE_ALLOW_MIN_MAX_DATE:
$minMax = explode('|', $patternOrRange);
//TODO: hier sollten die Exceptions abgefangen werden um zwei unterschiedliche Fehlermeldungen ausgeben zu koennen:
// a) der Value verletzt die Datumsgrenzen
// b) die Definition der Grenzen ist buggy
// try {
$valueCompare = Support::dateTimeGermanToInternational($value);
// } catch (UserFormException $e) {
// throw new UserFormException("Date or time not recognized '" . $value . "' - " . $e->formatMessage(), ERROR_SANATIZE_INVALID_VALUE);
// }
// try {
$minMax[0] = Support::dateTimeGermanToInternational($minMax[0]);
$minMax[1] = Support::dateTimeGermanToInternational($minMax[1]);
// } catch (UserFormException $e) {
// throw new UserFormException("Date or time of min|max definition not recognized '" . $patternOrRange . "' - " . $e->formatMessage(), ERROR_SANATIZE_INVALID_VALUE);
// }
break;
default:
break;
}
// Prepare Check
switch ($sanitizeClass) {
case SANITIZE_ALLOW_MIN_MAX:
case SANITIZE_ALLOW_MIN_MAX_DATE:
if ($minMax[0] === '' || $minMax[1] === '') {
throw new UserFormException('Missing definition of value for min or max.', ERROR_MISSING_MIN_MAX);
}
$errorText = "Value '$value' is out of range of '$patternOrRange'.";
if ($minMax[0] <= $valueCompare && $valueCompare <= $minMax[1])
return $value;
$errorCode = ERROR_MIN_MAX_VIOLATION;
break;
case SANITIZE_ALLOW_PATTERN:
$pattern = $patternOrRange;
break;
case SANITIZE_ALLOW_DIGIT:
......@@ -105,34 +52,69 @@ class Sanitize {
case SANITIZE_ALLOW_ALNUMX:
case SANITIZE_ALLOW_ALLBUT:
$arr = self::inputCheckPatternArray();
$pattern = $arr[$sanitizeClass];
$pattern = $arr[$sanitizeClass];
break;
case SANITIZE_ALLOW_ALL: // no checktype specified.
case SANITIZE_ALLOW_ALL: // no checkType specified.
return $value;
default:
throw new CodeException("Unknown checkType: " . $sanitizeClass, ERROR_UNKNOWN_CHECKTYPE);
}
// No error until here: do a final check
if ($errorCode == 0) {
if (preg_match("/$pattern/", $value) === 1)
return $value;
else
$errorCode = ERROR_PATTERN_VIOLATION;
// Pattern check
if ($pattern === '' || preg_match("/$pattern/", $value) === 1) {
return $value;
}
// check failed
if ($mode === SANITIZE_EXCEPTION) {
if ($errorText === '')
$errorText = "Value '$value' violates checkrule " . $sanitizeClass . " with pattern '$pattern'.";
$errorCode = ERROR_PATTERN_VIOLATION;
$errorText = "Value '$value' violates checkrule " . $sanitizeClass . " with pattern '$pattern'.";
throw new UserFormException($errorText, $errorCode);
}
// check failed: return marker
return SANITIZE_VIOLATE . $sanitizeClass . SANITIZE_VIOLATE;
}
/**
* Check $value against $formElement's min/max values. If check succeeds, returns value.
* If check fails, depending on $mode, throws an UserException or return an empty string.
*
* @param string $value value to check
* @param $formElement
* @param string $mode SANITIZE_EXCEPTION | SANITIZE_EMPTY_STRING
*
* @return string
* @throws UserFormException
* @throws \qfq\CodeException
*/
public static function checkMinMax($value, $formElement, $mode = SANITIZE_EMPTY_STRING) {
$min = Support::setIfNotSet($formElement, FE_MIN);
$max = Support::setIfNotSet($formElement, FE_MAX);
$errorCode = 0;
$errorText = '';
if ($min !== '' && $value < $min) {
$errorCode = ERROR_SMALLER_THAN_MIN;
$errorText = "Value '$value' is smaller than the allowed minimum of '$min'.";
}
if ($max !== '' && $value > $max) {
$errorCode = ERROR_LARGER_THAN_MAX;
$errorText = "Value '$value' is larger than the allowed maximum of '$max'.";
}
if ($errorCode == 0)
return $value;
// check failed
if ($mode === SANITIZE_EXCEPTION) {
throw new UserFormException($errorText, $errorCode);
}
return '';
}
/**
* @return array
*/
......@@ -143,8 +125,6 @@ class Sanitize {
SANITIZE_ALLOW_DIGIT => '^[\d]*$',
SANITIZE_ALLOW_NUMERICAL => '^[\d.+-]*$',
SANITIZE_ALLOW_EMAIL => '^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$',
SANITIZE_ALLOW_MIN_MAX => '',
SANITIZE_ALLOW_MIN_MAX_DATE => '',
SANITIZE_ALLOW_PATTERN => '',
SANITIZE_ALLOW_ALLBUT => '^[^\[\]{}%&\\\\#]*$',
SANITIZE_ALLOW_ALL => '.*',
......
......@@ -222,22 +222,22 @@ class FillStoreForm {
// copy value to $newValues
if (isset($clientValues[$clientFieldName])) {
if ($formElement[FE_DYNAMIC_UPDATE] === 'yes' || $formElement[FE_MODE] === FE_MODE_REQUIRED || $formElement[FE_MODE] === FE_MODE_SHOW) {
$val = $clientValues[$clientFieldName];
switch ($formElement[FE_TYPE]) {
case FE_TYPE_DATE:
case FE_TYPE_DATETIME:
case FE_TYPE_TIME:
if ($clientValues[$clientFieldName] !== '') // do not check empty values
$newValues[$formElement[FE_NAME]] = $this->doDateTime($formElement, $clientValues[$clientFieldName]);
$val = $this->doDateTime($formElement, $val);
break;
default:
$val = $clientValues[$clientFieldName];
if ($formElement[FE_TYPE] == FE_TYPE_EDITOR) {
// Tiny MCE always wrap a '<p>' around the content. Remove it before saving.
$val = Support::unWrapTag('<p>', $val);
}
// Check only if their is something.
// Check only if there is something.
if ($val !== '') {
$val = Sanitize::sanitize($val, $formElement[FE_CHECK_TYPE], $formElement[FE_CHECK_PATTERN], SANITIZE_EXCEPTION);
if ($formElement[FE_ENCODE] === FE_ENCODE_SPECIALCHAR) {
......@@ -245,9 +245,13 @@ class FillStoreForm {
$val = Support::htmlEntityEncodeDecode(MODE_ENCODE, $val);
}
}
$newValues[$formElement[FE_NAME]] = $val;
break;
}
if ($val !== '')
$val = Sanitize::checkMinMax($val, $formElement, SANITIZE_EXCEPTION);
$newValues[$formElement[FE_NAME]] = $val;
}
}
}
......
......@@ -473,8 +473,8 @@ class Store {
$rawVal = isset(self::$raw[$store][$finalKey]) ? self::$raw[$store][$finalKey] : null;
if (self::$sanitizeStore[$store] && $sanitizeClass != '') {
if ($sanitizeClass == SANITIZE_ALLOW_PATTERN || $sanitizeClass == SANITIZE_ALLOW_MIN_MAX || $sanitizeClass == SANITIZE_ALLOW_MIN_MAX_DATE) {
// We do not have any pattern or min|max values at this point. For those who be affected, they already checked earlier. So set 'no check'
if ($sanitizeClass == SANITIZE_ALLOW_PATTERN) {
// We do not have any pattern at this point. For those who be affected, they already checked earlier. So set 'no check'
$sanitizeClass = SANITIZE_ALLOW_ALL;
}
......
......@@ -83,7 +83,7 @@ CREATE TABLE IF NOT EXISTS `FormElement` (
'afterSave', 'afterInsert', 'afterUpdate', 'afterDelete', 'sendMail', 'paste') NOT NULL DEFAULT 'text',
`subrecordOption` SET('edit', 'delete', 'new') NOT NULL DEFAULT '',
`encode` ENUM('none', 'specialchar') NOT NULL DEFAULT 'specialchar',
`checkType` ENUM('alnumx', 'digit', 'numerical', 'email', 'min|max', 'min|max date', 'pattern', 'allbut', 'all') NOT NULL DEFAULT 'alnumx',
`checkType` ENUM('alnumx', 'digit', 'numerical', 'email', 'pattern', 'allbut', 'all') NOT NULL DEFAULT 'alnumx',
`checkPattern` VARCHAR(255) NOT NULL DEFAULT '',
`onChange` VARCHAR(255) NOT NULL DEFAULT '',
......@@ -319,7 +319,7 @@ VALUES
'<a href="{{DOCUMENTATION_QFQ:Y}}#multi-language-form">Info</a>', '', '', '', '', 100, '', 'no', '', '', '', '{{SELECT IF("{{FORM_LANGUAGE_D_ID:YE}}"="","hidden","show" ) }}', '', 'none'),
(2, 'encode', 'Encode', 'show', 'radio', 'all', 'native', 300, 0, 0, '<a href="{{DOCUMENTATION_QFQ:Y}}#field-encode">Info</a>', '', '', '', 'buttonClass=btn-default', 101, '', 'no', '', '', '', '', '', 'specialchar'),
(2, 'checkType', 'Check Type', 'show', 'radio', 'all', 'native', 310, 0, 0, '<a href="{{DOCUMENTATION_QFQ:Y}}#field-checktype">Info</a>', '', '', '', 'buttonClass=btn-default', 101, '', 'yes', '', '', '', '', '', 'specialchar'),
(2, 'checkPattern', 'Check Pattern', 'show', 'text', 'all', 'native', 320, 0, 0, '<a href="{{DOCUMENTATION_QFQ:Y}}#field-checkpattern">Info</a>', '', '', '', '', 101, '', 'yes', '', '', '',
(2, 'checkPattern', 'Check Pattern', 'show', 'text', 'all', 'native', 320, 0, 0, '<a href="{{DOCUMENTATION_QFQ:Y}}#field-checkpattern">Info</a>, <a href="https://regex101.com/">Regex101</a>', '', '', '', '', 101, '', 'yes', '', '', '',
'{{ SELECT IF("{{checkType:FRE:alnumx}}"="pattern" OR "{{checkType:FRE:allbut}}" LIKE "min%", "show", "hidden") }}', '', 'none'),
#(2, 'onChange', 'JS onChange', 'show', 'text', 'all', 'native', 330, 0, 0, '', '', '', '', '', 101, '', 'no', '', '', '', '', '', 'none'),
(2, 'ord', 'Order', 'show', 'text', 'all', 'native', 340, 0, 0, '<a href="{{DOCUMENTATION_QFQ:Y}}#field-ord">Info</a>', '',
......
......@@ -84,13 +84,29 @@ class BuildFormPlainTest extends AbstractDatabaseTest {
$this->assertEquals('<input id="123" name="name:1" class="form-control" maxlength="255" type="input" value="" data-hidden="no" data-required="no" ><div class="help-block with-errors hidden"></div>', $result);
$this->assertEquals(['disabled' => false, FE_MODE_REQUIRED => '', 'form-element' => 'name:1', 'value' => '', API_ELEMENT_UPDATE => $label], $json);
// CheckType
$formElement[FE_CHECK_TYPE] = SANITIZE_ALLOW_MIN_MAX;
$formElement[FE_CHECK_PATTERN] = '1|10';
// Min/Max
$formElement[FE_MIN] = 1;
$formElement[FE_MAX] = 10;
$result = $build->buildInput($formElement, 'name:1', '', $json);
$this->assertEquals('<input id="123" name="name:1" class="form-control" maxlength="255" type="input" value="" min="1" max="10" data-hidden="no" data-required="no" ><div class="help-block with-errors hidden"></div>', $result);
$this->assertEquals(['disabled' => false, FE_MODE_REQUIRED => '', 'form-element' => 'name:1', 'value' => '', 'disabled' => false, API_ELEMENT_UPDATE => $label], $json);
$formElement[FE_MIN] = 1;
$formElement[FE_MAX] = '';
$result = $build->buildInput($formElement, 'name:1', '', $json);
$this->assertEquals('<input id="123" name="name:1" class="form-control" maxlength="255" type="input" value="" min="1" data-hidden="no" data-required="no" ><div class="help-block with-errors hidden"></div>', $result);
$this->assertEquals(['disabled' => false, FE_MODE_REQUIRED => '', 'form-element' => 'name:1', 'value' => '', 'disabled' => false, API_ELEMENT_UPDATE => $label], $json);
$formElement[FE_MIN] = '';
$formElement[FE_MAX] = 10;
$result = $build->buildInput($formElement, 'name:1', '', $json);
$this->assertEquals('<input id="123" name="name:1" class="form-control" maxlength="255" type="input" value="" max="10" data-hidden="no" data-required="no" ><div class="help-block with-errors hidden"></div>', $result);
$this->assertEquals(['disabled' => false, FE_MODE_REQUIRED => '', 'form-element' => 'name:1', 'value' => '', 'disabled' => false, API_ELEMENT_UPDATE => $label], $json);
// reset so they don't interfere with next tests
$formElement[FE_MIN] = '';
$formElement[FE_MAX] = '';
// CheckType
$formElement[FE_CHECK_TYPE] = SANITIZE_ALLOW_PATTERN;
$formElement[FE_CHECK_PATTERN] = '^[a-z]*$';
$result = $build->buildInput($formElement, 'name:1', '', $json);
......@@ -172,24 +188,6 @@ class BuildFormPlainTest extends AbstractDatabaseTest {
$this->assertEquals(['disabled' => false, FE_MODE_REQUIRED => '', 'form-element' => 'name:1', 'value' => 'Hello World', 'disabled' => false, API_ELEMENT_UPDATE => $label], $json);
}
/**
* @expectedException \qfq\UserFormException
*
*/
public function testBuildInputException() {
$form = array();
$formElement = array();
$json = array();
$this->templateFormNFormElement($form, $formElement);
$build = new \qfq\BuildFormPlain($form, array(), [$formElement], $this->dbArray);
$formElement[FE_CHECK_TYPE] = SANITIZE_ALLOW_MIN_MAX;
$formElement[FE_CHECK_PATTERN] = '';
$result = $build->buildInput($formElement, 'name:1', '', $json);
}
/**
*
*/
......
......@@ -26,7 +26,6 @@ class SanitizeTest extends \PHPUnit_Framework_TestCase {
# Check ''
$this->assertEquals('', Sanitize::sanitize('', SANITIZE_ALLOW_ALNUMX), "SANITIZE_ALNUMX fails");
$this->assertEquals('', Sanitize::sanitize('', SANITIZE_ALLOW_DIGIT), "SANITIZE_DIGIT fails");
$this->assertEquals('!!min|max!!', Sanitize::sanitize('', SANITIZE_ALLOW_MIN_MAX, '1|2'), "SANITIZE_MIN_MAX fails");
$this->assertEquals('!!email!!', Sanitize::sanitize('', SANITIZE_ALLOW_EMAIL), "SANITIZE_EMAIL fails");
$this->assertEquals('', Sanitize::sanitize('', SANITIZE_ALLOW_PATTERN, '.*'), "SANITIZE_PATTERN fails");
$this->assertEquals('', Sanitize::sanitize('', SANITIZE_ALLOW_ALL), "SANITIZE_ALL fails");
......@@ -35,7 +34,6 @@ class SanitizeTest extends \PHPUnit_Framework_TestCase {
# Check '1'
$this->assertEquals('1', Sanitize::sanitize('1', SANITIZE_ALLOW_ALNUMX), "SANITIZE_ALNUMX fails");
$this->assertEquals('1', Sanitize::sanitize('1', SANITIZE_ALLOW_DIGIT), "SANITIZE_DIGIT fails");
$this->assertEquals('1', Sanitize::sanitize('1', SANITIZE_ALLOW_MIN_MAX, '1|2'), "SANITIZE_MIN_MAX fails");
$this->assertEquals('!!email!!', Sanitize::sanitize('1', SANITIZE_ALLOW_EMAIL), "SANITIZE_EMAIL fails");
$this->assertEquals('1', Sanitize::sanitize('1', SANITIZE_ALLOW_PATTERN, '.*'), "SANITIZE_PATTERN fails");
$this->assertEquals('1', Sanitize::sanitize('1', SANITIZE_ALLOW_ALL), "SANITIZE_ALL fails");
......@@ -44,7 +42,6 @@ class SanitizeTest extends \PHPUnit_Framework_TestCase {
# Check '-3'
$this->assertEquals('-3', Sanitize::sanitize('-3', SANITIZE_ALLOW_ALNUMX), "SANITIZE_ALNUMX fails");
$this->assertEquals('!!digit!!', Sanitize::sanitize('-3', SANITIZE_ALLOW_DIGIT), "SANITIZE_DIGIT fails");
$this->assertEquals('-3', Sanitize::sanitize('-3', SANITIZE_ALLOW_MIN_MAX, '-5|2'), "SANITIZE_MIN_MAX fails");
$this->assertEquals('!!email!!', Sanitize::sanitize('-3', SANITIZE_ALLOW_EMAIL), "SANITIZE_EMAIL fails");
$this->assertEquals('-3', Sanitize::sanitize('-3', SANITIZE_ALLOW_PATTERN, '.*'), "SANITIZE_PATTERN fails");
$this->assertEquals('-3', Sanitize::sanitize('-3', SANITIZE_ALLOW_ALL), "SANITIZE_ALL fails");
......@@ -53,7 +50,6 @@ class SanitizeTest extends \PHPUnit_Framework_TestCase {
# Check 'a'
$this->assertEquals('a', Sanitize::sanitize('a', SANITIZE_ALLOW_ALNUMX), "SANITIZE_ALNUMX fails");
$this->assertEquals('!!digit!!', Sanitize::sanitize('a', SANITIZE_ALLOW_DIGIT), "SANITIZE_DIGIT fails");
$this->assertEquals('!!min|max!!', Sanitize::sanitize('a', SANITIZE_ALLOW_MIN_MAX, '-5|2'), "SANITIZE_MIN_MAX fails");
$this->assertEquals('!!email!!', Sanitize::sanitize('a', SANITIZE_ALLOW_EMAIL), "SANITIZE_EMAIL fails");
$this->assertEquals('a', Sanitize::sanitize('a', SANITIZE_ALLOW_PATTERN, '.*'), "SANITIZE_PATTERN fails");
$this->assertEquals('a', Sanitize::sanitize('a', SANITIZE_ALLOW_ALL), "SANITIZE_ALL fails");
......@@ -64,7 +60,6 @@ class SanitizeTest extends \PHPUnit_Framework_TestCase {
$val = 'a@-_.,;Z09';
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_ALNUMX), "SANITIZE_ALNUMX fails");
$this->assertEquals('!!digit!!', Sanitize::sanitize($val, SANITIZE_ALLOW_DIGIT), "SANITIZE_DIGIT fails");
$this->assertEquals('!!min|max!!', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX, '-5|2'), "SANITIZE_MIN_MAX fails");
$this->assertEquals('!!email!!', Sanitize::sanitize($val, SANITIZE_ALLOW_EMAIL), "SANITIZE_EMAIL fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_PATTERN, '.*'), "SANITIZE_PATTERN fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_ALL), "SANITIZE_ALL fails");
......@@ -74,7 +69,6 @@ class SanitizeTest extends \PHPUnit_Framework_TestCase {
$val = 'a+Z09';
$this->assertEquals('!!alnumx!!', Sanitize::sanitize($val, SANITIZE_ALLOW_ALNUMX), "SANITIZE_ALNUMX fails");
$this->assertEquals('!!digit!!', Sanitize::sanitize($val, SANITIZE_ALLOW_DIGIT), "SANITIZE_DIGIT fails");
$this->assertEquals('!!min|max!!', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX, '-5|2'), "SANITIZE_MIN_MAX fails");
$this->assertEquals('!!email!!', Sanitize::sanitize($val, SANITIZE_ALLOW_EMAIL), "SANITIZE_EMAIL fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_PATTERN, '.*'), "SANITIZE_PATTERN fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_ALL), "SANITIZE_ALL fails");
......@@ -84,7 +78,6 @@ class SanitizeTest extends \PHPUnit_Framework_TestCase {
$val = 'ÀÈÌÒÙàèìòùÁÉÍÓÚÝáéíóúýÂÊÎÔÛâêîôûÃÑÕãñõÄËÏÖÜŸäëïöüÿ';
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_ALNUMX), "SANITIZE_ALNUMX fails");
$this->assertEquals('!!digit!!', Sanitize::sanitize($val, SANITIZE_ALLOW_DIGIT), "SANITIZE_DIGIT fails");
$this->assertEquals('!!min|max!!', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX, '-5|2'), "SANITIZE_MIN_MAX fails");
$this->assertEquals('!!email!!', Sanitize::sanitize($val, SANITIZE_ALLOW_EMAIL), "SANITIZE_EMAIL fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_PATTERN, '.*'), "SANITIZE_PATTERN fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_ALL), "SANITIZE_ALL fails");
......@@ -97,48 +90,32 @@ class SanitizeTest extends \PHPUnit_Framework_TestCase {
* @throws UserFormException
*/
public function testSanitizeMinMax() {
$msg = "SANITIZE_MIN_MAX fails";
# Check min|max
# Check numerical min/max
$val = 56;
$this->assertEquals('!!min|max!!', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX, '0|2'), "SANITIZE_MIN_MAX fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX, '0|200'), "SANITIZE_MIN_MAX fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX, '-100|200'), "SANITIZE_MIN_MAX fails");
$val = -56;
$this->assertEquals('!!min|max!!', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX, '0|2'), "SANITIZE_MIN_MAX fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX, '-100|0'), "SANITIZE_MIN_MAX fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX, '-100|200'), "SANITIZE_MIN_MAX fails");
}
$this->assertEquals('', Sanitize::checkMinMax($val, [ FE_MIN => "0", FE_MAX => "2" ]), $msg);
$this->assertEquals($val, Sanitize::checkMinMax($val, [ FE_MIN => "0" ]), $msg);
$this->assertEquals($val, Sanitize::checkMinMax($val, [FE_MAX => "56"]), $msg);
/**
* @throws CodeException
* @throws UserFormException
*/
public function testSanitizeMinMaxDate() {
# Check min|max
$val = '15.04.2016';
$this->assertEquals('!!min|max date!!', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.06.2016|31.12.2016'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
$this->assertEquals('!!min|max date!!', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.01.2016|31.01.2016'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.01.2016|31.12.2016'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
# Check min|max
$val = '15.04.16';
$this->assertEquals('!!min|max date!!', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.06.16|31.12.16'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
$this->assertEquals('!!min|max date!!', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.01.16|31.01.16'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.01.16|31.12.16'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
# Check min|max
$val = '15.4.16';
$this->assertEquals('!!min|max date!!', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '1.6.16|31.12.16'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
$this->assertEquals('!!min|max date!!', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '1.1.16|31.1.16'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '1.1.16|31.12.16'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
# Check min|max
$val = '15.4.16';
$this->assertEquals('!!min|max date!!', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.06.2016|31.12.2016'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
$this->assertEquals('!!min|max date!!', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.01.2016|31.01.2016'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
$this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.01.2016|31.12.2016'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
$this->assertEquals('', Sanitize::checkMinMax($val, [FE_MIN => "57"]), $msg);
$this->assertEquals('', Sanitize::checkMinMax($val, [ FE_MAX => "2" ]), $msg);
$this->assertEquals($val, Sanitize::checkMinMax($val, [ FE_MIN => "0", FE_MAX => "200" ]), $msg);
$this->assertEquals($val, Sanitize::checkMinMax($val, [ FE_MIN => "-100", FE_MAX => "200" ]), $msg);
$val = -56;
$this->assertEquals('', Sanitize::checkMinMax($val, [ FE_MIN => "0", FE_MAX => "2" ]), $msg);
$this->assertEquals('', Sanitize::checkMinMax($val, [ FE_MIN => "0", FE_MAX => "200" ]), $msg);
$this->assertEquals($val, Sanitize::checkMinMax($val, [ FE_MIN => "-100", FE_MAX => "200" ]), $msg);
# Check min/max dates
$msg = "SANITIZE_MIN_MAX Date fails";
$val = "2010-05-01";
$this->assertEquals($val, Sanitize::checkMinMax($val, [ FE_MIN => "2010-01-01", FE_MAX => "2010-12-31" ]), $msg);
$this->assertEquals('', Sanitize::checkMinMax($val, [ FE_MIN => "2010-01-01", FE_MAX => "2010-04-30" ]), $msg);
$this->assertEquals('', Sanitize::checkMinMax($val, [ FE_MIN => "2010-01-01", FE_MAX => "2009-12-31" ]), $msg);
$this->assertEquals('', Sanitize::checkMinMax($val, [ FE_MIN => "2011-01-01", FE_MAX => "2009-12-31" ]), $msg);
$this->assertEquals($val, Sanitize::checkMinMax($val, [ FE_MIN => "2010-05-01", FE_MAX => "2010-05-01" ]), $msg);