Sanatize.php: Sanatize MIN_MAX_DATE implemented

Support.php: dateTime2mysql implemented. Constants.php: add ERROR_DATE_TIME_FORMAT_NOT_RECOGNISED

Sanatize.php: Sanatize MIN_MAX_DATE implemented
Support.php: dateTime2mysql implemented. Constants.php: add ERROR_DATE_TIME_FORMAT_NOT_RECOGNISED
fcc3d43d · Carsten Rose · 57b5e1ed · fcc3d43d · fcc3d43d · fcc3d43d
Commit fcc3d43d authored Mar 25, 2016 by Carsten Rose
--- a/extension/qfq/qfq/Constants.php
+++ b/extension/qfq/qfq/Constants.php
@@ -124,6 +124,7 @@ const ERROR_MISSING_FORMELEMENT = 1049;
 const ERROR_INVALID_OR_MISSING_PARAMETER = 1050;
 const ERROR_UNKNOWN_SQL_LOG_MODE = 1051;
 const ERROR_FORM_NOT_FOUND = 1052;
+const ERROR_DATE_TIME_FORMAT_NOT_RECOGNISED = 1053;

 // Store
 const ERROR_STORE_VALUE_ALREADY_CODPIED = 1100;

--- a/extension/qfq/qfq/helper/Sanitize.php
+++ b/extension/qfq/qfq/helper/Sanitize.php
@@ -52,9 +52,9 @@ class Sanitize {

            case SANITIZE_ALLOW_MIN_MAX_DATE:
                $minMax = explode('|', $patternOrRange);
-                $valueCompare = date_create($value);
-                $minMax[0] = date_create($minMax[0]);
-                $minMax[1] = date_create($minMax[1]);
+                $valueCompare = Support::dateTime2mysql($value);
+                $minMax[0] = Support::dateTime2mysql($minMax[0]);
+                $minMax[1] = Support::dateTime2mysql($minMax[1]);
                break;

            default:
@@ -69,7 +69,7 @@ class Sanitize {
                if ($minMax[0] === '' || $minMax[1] === '') {
                    throw new UserException('Missing definition of value for min or max.', ERROR_MISSING_MIN_MAX);
                }
-                $errorText = "Value '$value' is smaller than min '$minMax[0]' or bigger than max '$minMax[1]'.";
+            $errorText = "Value '$value' is out of range of '$patternOrRange'.";

                if ($minMax[0] <= $valueCompare && $valueCompare <= $minMax[1])
                    return $value;

--- a/extension/qfq/qfq/helper/Support.php
+++ b/extension/qfq/qfq/helper/Support.php
@@ -100,4 +100,72 @@ class Support {

    }

+    /**
+     * Converts a dateTime String to the english format:
+     * 1.2.79 > 1979-02-01 00:00:00
+     * 01.02.13 3:24 >  1979-02-01 03:24:00
+     * 1.2.1979 14:21:5 > 1979-02-01 14:21:05
+     *
+     * @param $dateTimeString
+     * @return string
+     * @throws UserException
+     */
+    public static function dateTime2mysql($dateTimeString) {
+        $dateRaw = '';
+        $timeRaw = '';
+
+        $tmpArr = explode(' ', $dateTimeString);
+        switch (count($tmpArr)) {
+            case 0:
+                return '';
+
+            case 1:
+                if (strpos($tmpArr[0], '.') === false) {
+                    $timeRaw = $tmpArr[0];
+                } else {
+                    $dateRaw = $tmpArr[0];
+                }
+                break;
+
+            case 2:
+                $dateRaw = $tmpArr[0];
+                $timeRaw = $tmpArr[1];
+                break;
+
+            default:
+                throw new UserException('Date/time format not recognised.', ERROR_DATE_TIME_FORMAT_NOT_RECOGNISED);
+                break;
+        }
+
+        if ($dateRaw === '') {
+            $date = '0000-00-00';
+        } else {
+            $tmpArr = explode('.', $dateRaw);
+            if ($tmpArr[2] < 70) {
+                $tmpArr[2] = 2000 + $tmpArr[2];
+            } elseif ($tmpArr[2] < 100) {
+                $tmpArr[2] = 1900 + $tmpArr[2];
+            }
+            $date = sprintf("%04d-%02d-%02d", $tmpArr[2], $tmpArr[1], $tmpArr[0]);
+        }
+
+        if ($timeRaw === '') {
+            $time = '00:00:00';
+        } else {
+            $tmpArr = explode(':', $timeRaw);
+            switch (count($tmpArr)) {
+                case 2:
+                    $time = sprintf("%02d:%02d:00", $tmpArr[0], $tmpArr[1]);
+                    break;
+                case 3:
+                    $time = sprintf("%02d:%02d:%02d", $tmpArr[0], $tmpArr[1], $tmpArr[2]);
+                    break;
+                default:
+                    throw new UserException('Date/time format not recognised.', ERROR_DATE_TIME_FORMAT_NOT_RECOGNISED);
+                    break;
+            }
+        }
+
+        return $date . ' ' . $time;
+    }
 }
\ No newline at end of file
--- a/extension/qfq/tests/phpunit/SanitizeTest.php
+++ b/extension/qfq/tests/phpunit/SanitizeTest.php
@@ -84,6 +84,34 @@ class SanitizeTest extends \PHPUnit_Framework_TestCase {
        $this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX, '-100|200'), "SANITIZE_MIN_MAX fails");
    }

+    public function testSanitizeMinMaxDate() {
+
+        # Check min|max
+        $val = '15.04.2016';
+        $this->assertEquals('', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.06.2016|31.12.2016'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
+        $this->assertEquals('', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.01.2016|31.01.2016'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
+        $this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.01.2016|31.12.2016'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
+
+        # Check min|max
+        $val = '15.04.16';
+        $this->assertEquals('', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.06.16|31.12.16'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
+        $this->assertEquals('', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.01.16|31.01.16'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
+        $this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.01.16|31.12.16'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
+
+        # Check min|max
+        $val = '15.4.16';
+        $this->assertEquals('', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '1.6.16|31.12.16'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
+        $this->assertEquals('', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '1.1.16|31.1.16'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
+        $this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '1.1.16|31.12.16'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
+
+        # Check min|max
+        $val = '15.4.16';
+        $this->assertEquals('', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.06.2016|31.12.2016'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
+        $this->assertEquals('', Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.01.2016|31.01.2016'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
+        $this->assertEquals($val, Sanitize::sanitize($val, SANITIZE_ALLOW_MIN_MAX_DATE, '01.01.2016|31.12.2016'), "SANITIZE_ALLOW_MIN_MAX_DATE fails");
+
+    }
+
    public function testSanitizeEmail() {

        # Check

--- a/extension/qfq/tests/phpunit/SupportTest.php
+++ b/extension/qfq/tests/phpunit/SupportTest.php
@@ -107,4 +107,26 @@ class SupportTest extends \PHPUnit_Framework_TestCase {

    }

+    public function testDateTime2mysql() {
+
+        // date
+        $this->assertEquals('2069-12-31 00:00:00', Support::dateTime2mysql('31.12.69'));
+        $this->assertEquals('1970-01-01 00:00:00', Support::dateTime2mysql('1.1.70'));
+        $this->assertEquals('1999-02-01 00:00:00', Support::dateTime2mysql('01.02.99'));
+        $this->assertEquals('2079-02-01 00:00:00', Support::dateTime2mysql('1.2.2079'));
+        $this->assertEquals('2079-02-01 00:00:00', Support::dateTime2mysql('01.02.2079'));
+
+        // time
+        $this->assertEquals('0000-00-00 03:04:00', Support::dateTime2mysql('3:4'));
+        $this->assertEquals('0000-00-00 03:04:00', Support::dateTime2mysql('03:04'));
+        $this->assertEquals('0000-00-00 03:14:00', Support::dateTime2mysql('3:14'));
+        $this->assertEquals('0000-00-00 13:14:00', Support::dateTime2mysql('13:14'));
+        $this->assertEquals('0000-00-00 13:14:01', Support::dateTime2mysql('13:14:1'));
+        $this->assertEquals('0000-00-00 13:14:41', Support::dateTime2mysql('13:14:41'));
+
+        // date time
+        $this->assertEquals('2069-02-01 01:02:00', Support::dateTime2mysql('1.2.69 1:2'));
+        $this->assertEquals('2016-12-31 23:48:59', Support::dateTime2mysql('31.12.2016 23:48:59'));
+
+    }
 }
--- a/extension/qfq/tests/phpunit/fixtures/TestFormEditor.sql
+++ b/extension/qfq/tests/phpunit/fixtures/TestFormEditor.sql
@@ -72,6 +72,7 @@ CREATE TABLE IF NOT EXISTS `FormElement` (
                         'sendmail')                                              NOT NULL DEFAULT 'text',
  `subrecordOption` SET('edit', 'delete', 'new')                                  NOT NULL DEFAULT '',
  `checkType`       ENUM('alnumx', 'digit', 'email', 'min|max', 'min|max date', 'pattern', 'all')  NOT NULL  DEFAULT 'alnumx',
+
  `checkPattern`    VARCHAR(255)                                                  NOT NULL DEFAULT '',

  `onChange`        VARCHAR(255)                                                  NOT NULL DEFAULT '',