Fix validation allowing arrays.

Accepting arrays can cause a number of adverse effects. While this may be a breaking change the alternatives are worse.
cakephp · Nov 5, 2015 · 18544c5 · 18544c5
1 parent 5e60cc5
commit 18544c5
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 101 deletions.
diff --git a/lib/Cake/Test/Case/Utility/ValidationTest.php b/lib/Cake/Test/Case/Utility/ValidationTest.php
@@ -183,25 +183,6 @@ public function testAlphaNumeric() {
 		$this->assertFalse(Validation::alphaNumeric(''));
 	}
 
-/**
- * testAlphaNumericPassedAsArray method
- *
- * @return void
- */
-	public function testAlphaNumericPassedAsArray() {
-		$this->assertTrue(Validation::alphaNumeric(array('check' => 'frferrf')));
-		$this->assertTrue(Validation::alphaNumeric(array('check' => '12234')));
-		$this->assertTrue(Validation::alphaNumeric(array('check' => '1w2e2r3t4y')));
-		$this->assertTrue(Validation::alphaNumeric(array('check' => '0')));
-		$this->assertFalse(Validation::alphaNumeric(array('check' => '12 234')));
-		$this->assertFalse(Validation::alphaNumeric(array('check' => 'dfd 234')));
-		$this->assertFalse(Validation::alphaNumeric(array('check' => "\n")));
-		$this->assertFalse(Validation::alphaNumeric(array('check' => "\t")));
-		$this->assertFalse(Validation::alphaNumeric(array('check' => "\r")));
-		$this->assertFalse(Validation::alphaNumeric(array('check' => ' ')));
-		$this->assertFalse(Validation::alphaNumeric(array('check' => '')));
-	}
-
 /**
  * testLengthBetween method
  *
@@ -231,21 +212,6 @@ public function testBlank() {
 		$this->assertFalse(Validation::blank('Blank'));
 	}
 
-/**
- * testBlankAsArray method
- *
- * @return void
- */
-	public function testBlankAsArray() {
-		$this->assertTrue(Validation::blank(array('check' => '')));
-		$this->assertTrue(Validation::blank(array('check' => ' ')));
-		$this->assertTrue(Validation::blank(array('check' => "\n")));
-		$this->assertTrue(Validation::blank(array('check' => "\t")));
-		$this->assertTrue(Validation::blank(array('check' => "\r")));
-		$this->assertFalse(Validation::blank(array('check' => '    Blank')));
-		$this->assertFalse(Validation::blank(array('check' => 'Blank')));
-	}
-
 /**
  * testcc method
  *
@@ -999,17 +965,6 @@ public function testCustom() {
 		$this->assertFalse(Validation::custom('missing regex'));
 	}
 
-/**
- * testCustomAsArray method
- *
- * @return void
- */
-	public function testCustomAsArray() {
-		$this->assertTrue(Validation::custom(array('check' => '12345', 'regex' => '/(?<!\\S)\\d++(?!\\S)/')));
-		$this->assertFalse(Validation::custom(array('check' => 'Text', 'regex' => '/(?<!\\S)\\d++(?!\\S)/')));
-		$this->assertFalse(Validation::custom(array('check' => '123.45', 'regex' => '/(?<!\\S)\\d++(?!\\S)/')));
-	}
-
 /**
  * testDateDdmmyyyy method
  *

diff --git a/lib/Cake/Utility/Validation.php b/lib/Cake/Utility/Validation.php
@@ -73,10 +73,9 @@ public static function notEmpty($check) {
  * @return bool Success
  */
 	public static function notBlank($check) {
-		if (is_array($check)) {
-			extract(static::_defaults($check));
+		if (!is_scalar($check)) {
+			return false;
 		}
-
 		if (empty($check) && (string)$check !== '0') {
 			return false;
 		}
@@ -95,10 +94,6 @@ public static function notBlank($check) {
  * @return bool Success
  */
 	public static function alphaNumeric($check) {
-		if (is_array($check)) {
-			extract(static::_defaults($check));
-		}
-
 		if (empty($check) && $check != '0') {
 			return false;
 		}
@@ -145,9 +140,6 @@ public static function between($check, $min, $max) {
  * @return bool Success
  */
 	public static function blank($check) {
-		if (is_array($check)) {
-			extract(static::_defaults($check));
-		}
 		return !static::_check($check, '/[^\\s]/');
 	}
 
@@ -166,8 +158,8 @@ public static function blank($check) {
  * @see Validation::luhn()
  */
 	public static function cc($check, $type = 'fast', $deep = false, $regex = null) {
-		if (is_array($check)) {
-			extract(static::_defaults($check));
+		if (!is_scalar($check)) {
+			return false;
 		}
 
 		$check = str_replace(array('-', ' '), '', $check);
@@ -300,8 +292,8 @@ public static function comparison($check1, $operator = null, $check2 = null) {
  * @return bool Success
  */
 	public static function custom($check, $regex = null) {
-		if (is_array($check)) {
-			extract(static::_defaults($check));
+		if (!is_scalar($check)) {
+			return false;
 		}
 		if ($regex === null) {
 			static::$errors[] = __d('cake_dev', 'You must define a regular expression for %s', 'Validation::custom()');
@@ -480,10 +472,6 @@ public static function decimal($check, $places = null, $regex = null) {
  * @return bool Success
  */
 	public static function email($check, $deep = false, $regex = null) {
-		if (is_array($check)) {
-			extract(static::_defaults($check));
-		}
-
 		if ($regex === null) {
 			$regex = '/^[\p{L}0-9!#$%&\'*+\/=?^_`{|}~-]+(?:\.[\p{L}0-9!#$%&\'*+\/=?^_`{|}~-]+)*@' . static::$_pattern['hostname'] . '$/ui';
 		}
@@ -670,10 +658,6 @@ public static function naturalNumber($check, $allowZero = false) {
  * @return bool Success
  */
 	public static function phone($check, $regex = null, $country = 'all') {
-		if (is_array($check)) {
-			extract(static::_defaults($check));
-		}
-
 		if ($regex === null) {
 			switch ($country) {
 				case 'us':
@@ -715,10 +699,6 @@ public static function phone($check, $regex = null, $country = 'all') {
  * @return bool Success
  */
 	public static function postal($check, $regex = null, $country = 'us') {
-		if (is_array($check)) {
-			extract(static::_defaults($check));
-		}
-
 		if ($regex === null) {
 			switch ($country) {
 				case 'uk':
@@ -780,10 +760,6 @@ public static function range($check, $lower = null, $upper = null) {
  * @deprecated Deprecated 2.6. Will be removed in 3.0.
  */
 	public static function ssn($check, $regex = null, $country = null) {
-		if (is_array($check)) {
-			extract(static::_defaults($check));
-		}
-
 		if ($regex === null) {
 			switch ($country) {
 				case 'dk':
@@ -905,35 +881,12 @@ protected static function _pass($method, $check, $classPrefix) {
  * @return bool Success of match
  */
 	protected static function _check($check, $regex) {
-		if (is_string($regex) && preg_match($regex, $check)) {
+		if (is_string($regex) && is_scalar($check) && preg_match($regex, $check)) {
 			return true;
 		}
 		return false;
 	}
 
-/**
- * Get the values to use when value sent to validation method is
- * an array.
- *
- * @param array $params Parameters sent to validation method
- * @return void
- */
-	protected static function _defaults($params) {
-		static::_reset();
-		$defaults = array(
-			'check' => null,
-			'regex' => null,
-			'country' => null,
-			'deep' => false,
-			'type' => null
-		);
-		$params += $defaults;
-		if ($params['country'] !== null) {
-			$params['country'] = mb_strtolower($params['country']);
-		}
-		return $params;
-	}
-
 /**
  * Luhn algorithm
  *
@@ -943,8 +896,8 @@ protected static function _defaults($params) {
  * @see http://en.wikipedia.org/wiki/Luhn_algorithm
  */
 	public static function luhn($check, $deep = false) {
-		if (is_array($check)) {
-			extract(static::_defaults($check));
+		if (!is_scalar($check)) {
+			return false;
 		}
 		if ($deep !== true) {
 			return true;