Added input validation and fixed between relative date validation

Robb Ebright 2017-10-14 23:15:47 -04:00
parent 67807bb4b3
commit 8807dbcbfb
2 changed files with 34 additions and 10 deletions


@ -417,7 +417,7 @@ class Application_Form_SmartBlockCriteria extends Zend_Form_SubForm
// need to strip white from front and ago from the end to match with the value of the time unit select dropdown // need to strip white from front and ago from the end to match with the value of the time unit select dropdown
$extraDateTimeSelectValue = trim(preg_replace('/\W\w+\s*(\W*)$/', '$1', $extraDateTimeSelectValue)); $extraDateTimeSelectValue = trim(preg_replace('/\W\w+\s*(\W*)$/', '$1', $extraDateTimeSelectValue));
$criteriaExtraDatetimeSelect->setMultiOptions($this->getTimePeriodCriteriaOptions()); $criteriaExtraDatetimeSelect->setMultiOptions($this->getTimePeriodCriteriaOptions());
Logging::info('THIS IS-'.$extraDateTimeSelectValue.'-IT'); // Logging::info('THIS IS-'.$extraDateTimeSelectValue.'-IT');
$criteriaExtraDatetimeSelect->setValue($extraDateTimeSelectValue); $criteriaExtraDatetimeSelect->setValue($extraDateTimeSelectValue);
$criteriaExtraDatetimeSelect->setAttrib('enabled', 'enabled'); $criteriaExtraDatetimeSelect->setAttrib('enabled', 'enabled');
@ -527,6 +527,8 @@ class Application_Form_SmartBlockCriteria extends Zend_Form_SubForm
$eleMod->setMultiOptions($this->getStringCriteriaOptions()); $eleMod->setMultiOptions($this->getStringCriteriaOptions());
} elseif ($criteriaType == "n") { } elseif ($criteriaType == "n") {
$eleMod->setMultiOptions($this->getNumericCriteriaOptions()); $eleMod->setMultiOptions($this->getNumericCriteriaOptions());
} elseif ($criteriaType == "d") {
$eleMod->setMultiOptions($this->getDateTimeCriteriaOptions());
} else { } else {
$eleMod->setMultiOptions(array('0' => _('Select modifier'))); $eleMod->setMultiOptions(array('0' => _('Select modifier')));
} }
@ -565,6 +567,9 @@ class Application_Form_SmartBlockCriteria extends Zend_Form_SubForm
$criteriaModifers->setMultiOptions($this->getStringCriteriaOptions()); $criteriaModifers->setMultiOptions($this->getStringCriteriaOptions());
} elseif ($criteriaType == "n") { } elseif ($criteriaType == "n") {
$criteriaModifers->setMultiOptions($this->getNumericCriteriaOptions()); $criteriaModifers->setMultiOptions($this->getNumericCriteriaOptions());
}
elseif ($criteriaType == "d") {
$criteriaModifers->setMultiOptions($this->getDateTimeCriteriaOptions());
} else { } else {
$criteriaModifers->setMultiOptions(array('0' => _('Select modifier'))); $criteriaModifers->setMultiOptions(array('0' => _('Select modifier')));
} }
@ -610,6 +615,7 @@ class Application_Form_SmartBlockCriteria extends Zend_Form_SubForm
$this->populate($formData); $this->populate($formData);
// Logging::info($formData);
return $data; return $data;
} }
@ -706,10 +712,17 @@ class Application_Form_SmartBlockCriteria extends Zend_Form_SubForm
} elseif ($column->getType() == PropelColumnTypes::TIMESTAMP) { } elseif ($column->getType() == PropelColumnTypes::TIMESTAMP) {
// need to check for relative modifiers first - bypassing currently // need to check for relative modifiers first - bypassing currently
if (in_array($d['sp_criteria_modifier'], array('before','after','between'))) { if (in_array($d['sp_criteria_modifier'], array('before','after','between'))) {
if (!preg_match("/^[1-9][0-9]*$|0/",$d['sp_criteria_value'])) {
$element->addError(_("Only non-negative integer numbers are allowed (e.g 1 or 5) for the text value"));
$isValid = false;
// TODO validate this on numeric input with whatever parsing also do for extra // TODO validate this on numeric input with whatever parsing also do for extra
//if the modifier is before ago or between we skip validation until we confirm format //if the modifier is before ago or between we skip validation until we confirm format
} }
else { elseif (isSet($d['sp_criteria_datetime_select']) && $d['sp_criteria_datetime_select'] == "0") {
$element->addError(_("You must select a time unit for a relative datetime."));
$isValid = false;
}
} else {
if (!preg_match("/(\d{4})-(\d{2})-(\d{2})/", $d['sp_criteria_value'])) { if (!preg_match("/(\d{4})-(\d{2})-(\d{2})/", $d['sp_criteria_value'])) {
$element->addError(_("The value should be in timestamp format (e.g. 0000-00-00 or 0000-00-00 00:00:00)")); $element->addError(_("The value should be in timestamp format (e.g. 0000-00-00 or 0000-00-00 00:00:00)"));
$isValid = false; $isValid = false;
@ -724,7 +737,16 @@ class Application_Form_SmartBlockCriteria extends Zend_Form_SubForm
} }
if (isset($d['sp_criteria_extra'])) { if (isset($d['sp_criteria_extra'])) {
if ($d['sp_criteria_modifier'] == 'between') { if ($d['sp_criteria_modifier'] == 'between') {
//disabling validation as this doesn't require the same format // validate that the input value only contains a number if using relative date times
if (!preg_match("/^[1-9][0-9]*$|0/",$d['sp_criteria_extra'])) {
$element->addError(_("Only non-negative integer numbers are allowed for a relative date time"));
$isValid = false;
}
// also need to check to make sure they chose a time unit from the dropdown
elseif ($d['sp_criteria_extra_datetime_select'] == "0") {
$element->addError(_("You must select a time unit for a relative datetime."));
$isValid = false;
}
} }
else { else {
if (!preg_match("/(\d{4})-(\d{2})-(\d{2})/", $d['sp_criteria_extra'])) { if (!preg_match("/(\d{4})-(\d{2})-(\d{2})/", $d['sp_criteria_extra'])) {
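Review bot: The pattern `/^[1-9][0-9]*$|0/` added for `sp_criteria_value`, and again for `sp_criteria_extra` in the `between` branch, does not limit the input to an integer. Alternation binds loosest, so it reads as "`^[1-9][0-9]*$`, or a `0` anywhere in the string", and any value containing a zero passes. Group and anchor both alternatives in both places, e.g. `if (!preg_match('/^(?:0|[1-9][0-9]*)\z/', $d['sp_criteria_value'])) {`; `\z` also rejects the trailing newline that `$` accepts. The two time-unit checks only reject the literal `"0"`, so a request that omits `sp_criteria_datetime_select` or `sp_criteria_extra_datetime_select` passes (the second is read without the `isset` guard the first has); testing membership in the keys of `getTimePeriodCriteriaOptions()` would close that. The enclosing validation method starts and ends outside these hunks.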


@ -1197,7 +1197,7 @@ SQL;
$critKeys = array_keys($p_criteriaData['criteria']); $critKeys = array_keys($p_criteriaData['criteria']);
for ($i = 0; $i < count($critKeys); $i++) { for ($i = 0; $i < count($critKeys); $i++) {
foreach ($p_criteriaData['criteria'][$critKeys[$i]] as $d) { foreach ($p_criteriaData['criteria'][$critKeys[$i]] as $d) {
Logging::info($d); // Logging::info($d);
$field = $d['sp_criteria_field']; $field = $d['sp_criteria_field'];
$value = $d['sp_criteria_value']; $value = $d['sp_criteria_value'];
$modifier = $d['sp_criteria_modifier']; $modifier = $d['sp_criteria_modifier'];
@ -1538,19 +1538,21 @@ SQL;
$relativedate = new DateTime($spCriteriaValue); $relativedate = new DateTime($spCriteriaValue);
$dt = $relativedate->format(DateTime::ISO8601); $dt = $relativedate->format(DateTime::ISO8601);
$spCriteriaValue = "$spCriteria <= '$dt'"; $spCriteriaValue = "$spCriteria <= '$dt'";
Logging::info($spCriteriaValue); // Logging::info($spCriteriaValue);
} }
elseif ($spCriteriaModifier == "after") { elseif ($spCriteriaModifier == "after") {
$relativedate = new DateTime($spCriteriaValue); $relativedate = new DateTime($spCriteriaValue);
$dt = $relativedate->format(DateTime::ISO8601); $dt = $relativedate->format(DateTime::ISO8601);
$spCriteriaValue = "$spCriteria >= '$dt'"; $spCriteriaValue = "$spCriteria >= '$dt'";
Logging::info($spCriteriaValue); // Logging::info($spCriteriaValue);
} elseif ($spCriteriaModifier == "between") { } elseif ($spCriteriaModifier == "between") {
$fromrelativedate = new DateTime($spCriteriaValue); $fromrelativedate = new DateTime($spCriteriaValue);
$fdt = $fromrelativedate->format(DateTime::ISO8601); $fdt = $fromrelativedate->format(DateTime::ISO8601);
// Logging::info($fdt);
$torelativedate = new DateTime($spCriteriaValue); $torelativedate = new DateTime($spCriteriaExtra);
$tdt = $fromrelativedate->format(DateTime::ISO8601); $tdt = $torelativedate->format(DateTime::ISO8601);
// Logging::info($tdt);
$spCriteriaValue = "$spCriteria >= '$fdt' AND $spCriteria <= '$tdt'"; $spCriteriaValue = "$spCriteria >= '$fdt' AND $spCriteria <= '$tdt'";
} }