mirror of
https://github.com/phpbb/phpbb.git
[ticket/12684] Add input validation
PHPBB3-12684
parent
6fe084a2fd
commit
d373428180
@ -123,6 +123,22 @@ class add extends \phpbb\console\command\command
|
||||
);
|
||||
}
|
||||
|
||||
$data = array(
|
||||
'username' => $username,
|
||||
'new_password' => $password,
|
||||
'email' => $email,
|
||||
);
|
||||
|
||||
try
|
||||
{
|
||||
$this->validate_user_data($data);
|
||||
}
|
||||
catch (runtime_exception $e)
|
||||
{
|
||||
$io->error($e->getMessage());
|
||||
return 1;
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
$group_id = $this->get_group_id();
|
||||
@ -190,6 +206,38 @@ class add extends \phpbb\console\command\command
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Validate the submitted user data
|
||||
*
|
||||
* @param array $data The user data array
|
||||
* @throws runtime_exception if any data fails validation
|
||||
* @return null
|
||||
*/
|
||||
protected function validate_user_data($data)
|
||||
{
|
||||
if (!function_exists('validate_data'))
|
||||
{
|
||||
require($this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext);
|
||||
}
|
||||
|
||||
$error = validate_data($data, array(
|
||||
'username' => array(
|
||||
array('string', false, $this->config['min_name_chars'], $this->config['max_name_chars']),
|
||||
array('username', '')),
|
||||
'new_password' => array(
|
||||
array('string', false, $this->config['min_pass_chars'], $this->config['max_pass_chars']),
|
||||
array('password')),
|
||||
'email' => array(
|
||||
array('string', false, 6, 60),
|
||||
array('user_email')),
|
||||
));
|
||||
|
||||
if ($error)
|
||||
{
|
||||
throw new runtime_exception(implode("\n", array_map(array($this->user, 'lang'), $error)));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the group id
|
||||
*
|
||||
|
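Review bot: The `email` rule in validate_user_data() hard-codes its length bounds (`array('string', false, 6, 60)`), while the username and password rules read theirs from `$this->config`, and nothing on the line says where 6 and 60 come from. If they are meant to mirror the limits applied at web registration, a comment above that line such as `// Fixed bounds, not configurable; keep in sync with the registration form's email rule` would keep the console path from drifting to a different account policy. The docblock's `@throws` line could also say that the exception message is the newline-joined list of translated error keys, since the caller in the first hunk prints it verbatim through `$io->error($e->getMessage())`. That caller's enclosing method starts and ends outside the hunk.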
@ -49,6 +49,11 @@ class phpbb_console_command_user_add_test extends phpbb_database_test_case
|
||||
$config = $this->config = new \phpbb\config\config(array(
|
||||
'board_timezone' => 'UTC',
|
||||
'default_lang' => 'en',
|
||||
'min_name_chars' => 3,
|
||||
'max_name_chars' => 10,
|
||||
'min_pass_chars' => 3,
|
||||
'max_pass_chars' => 10,
|
||||
'pass_complex' => 'PASS_TYPE_ANY',
|
||||
));
|
||||
|
||||
$db = $this->db = $this->new_dbal();
|
||||
@ -110,6 +115,24 @@ class phpbb_console_command_user_add_test extends phpbb_database_test_case
|
||||
|
||||
}
|
||||
|
||||
public function test_add_no_dialog_invalid()
|
||||
{
|
||||
$command_tester = $this->get_command_tester();
|
||||
|
||||
$this->assertEquals(3, $this->get_user_id('Test'));
|
||||
|
||||
$command_tester->execute(array(
|
||||
'command' => $this->command_name,
|
||||
'--username' => 'Test',
|
||||
'--password' => '1',
|
||||
'--email' => 'foo'
|
||||
));
|
||||
|
||||
$this->assertContains('USERNAME_TAKEN', $command_tester->getDisplay());
|
||||
$this->assertContains('TOO_SHORT', $command_tester->getDisplay());
|
||||
$this->assertContains('EMAIL_INVALID', $command_tester->getDisplay());
|
||||
}
|
||||
|
||||
public function get_command_tester()
|
||||
{
|
||||
$application = new Application();
|
||||
|
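Review bot: test_add_no_dialog_invalid() does not pin the password rule, because the e-mail value `'foo'` is itself shorter than the 6-character minimum that validate_user_data() sets for email. `assertContains('TOO_SHORT', ...)` can therefore presumably be satisfied by the email error alone and would still pass if the password length check were dropped. Using a malformed address that meets the length bound, for example `'--email' => 'foobar'` (constructed sample), would leave the one-character password as the only source of TOO_SHORT. The test also never checks that the command refused to act; `$this->assertEquals(1, $command_tester->getStatusCode());` after the execute() call would confirm the early `return 1` path was taken.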