Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Disallow numeric encodings in range and fix comparison
Don't allow hex encoded data in range(). Remove the integer casting
from comparison() as it causes issues where the input is a float, but
the comparator is an integer.
  • Loading branch information
markstory committed Aug 6, 2015
1 parent f4daaec commit eaf3f0d
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 5 deletions.
9 changes: 4 additions & 5 deletions src/Validation/Validation.php
Expand Up @@ -231,11 +231,7 @@ public static function comparison($check1, $operator = null, $check2 = null)
if (is_array($check1)) {
extract($check1, EXTR_OVERWRITE);
}
$type = gettype($check2);
if ($type === 'double' && (float)$check1 != $check1) {
return false;
}
if ($type === 'integer' && (int)$check1 != $check1) {
if ((float)$check1 != $check1) {
return false;
}

Expand Down Expand Up @@ -732,6 +728,9 @@ public static function range($check, $lower = null, $upper = null)
if (!is_numeric($check)) {
return false;
}
if ((float)$check != $check) {
return false;
}
if (isset($lower) && isset($upper)) {
return ($check >= $lower && $check <= $upper);
}
Expand Down
20 changes: 20 additions & 0 deletions tests/TestCase/Validation/ValidationTest.php
Expand Up @@ -844,6 +844,9 @@ public function testComparison()
$this->assertFalse(Validation::comparison(7, '==', 6));
$this->assertFalse(Validation::comparison(7, 'not equal', 7));
$this->assertFalse(Validation::comparison(7, '!=', 7));

$this->assertTrue(Validation::comparison('6.5', '!=', 6));
$this->assertTrue(Validation::comparison('6.5', '<', 7));
}

/**
Expand Down Expand Up @@ -2091,6 +2094,23 @@ public function testRange()
$this->assertFalse(Validation::range(2.099, 2.1, 3.2));
}

/**
* Test range type checks
*
* @return void
*/
public function testRangeTypeChecks()
{
$this->assertFalse(Validation::range('\x028', 1, 5), 'hexish encoding fails');
$this->assertFalse(Validation::range('0b010', 1, 5), 'binary string data fails');
$this->assertFalse(Validation::range('0x01', 1, 5), 'hex string data fails');
$this->assertFalse(Validation::range('0x1', 1, 5), 'hex string data fails');

$this->assertFalse(Validation::range('\x028', 1, 5), 'hexish encoding fails');
$this->assertFalse(Validation::range('0b010', 1, 5), 'binary string data fails');
$this->assertFalse(Validation::range('0x02', 1, 5), 'hex string data fails');
}

/**
* testExtension method
*
Expand Down

0 comments on commit eaf3f0d

Please sign in to comment.