Skip to content

Commit

Permalink
Merge pull request from GHSA-625g-fm5w-w7w4
Browse files Browse the repository at this point in the history 
* fix possibility to have empty name/surname and empty company

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

* let js validation for customer add/edit form also trim() entered data to avoid empty values pass the client-side validation

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

---------

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
  • Loading branch information
@d00p
d00p committed Dec 15, 2023
1 parent 778fd3b commit 4b18468
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 5 deletions.
2 changes: 1 addition & 1 deletion lib/Froxlor/Api/Commands/Customers.php
View file
Expand Up @@ -1053,7 +1053,7 @@ public function update()
$email = $this->getParam('email', true, $idna_convert->decode($result['email']));
$name = $this->getParam('name', true, $result['name']);
$firstname = $this->getParam('firstname', true, $result['firstname']);
$company_required = empty($result['company']) && ((!empty($name) && empty($firstname)) || (empty($name) && !empty($firstname)) || (empty($name) && empty($firstname)));
$company_required = (!empty($name) && empty($firstname)) || (empty($name) && !empty($firstname)) || (empty($name) && empty($firstname));
$company = $this->getParam('company', !$company_required, $result['company']);
$street = $this->getParam('street', true, $result['street']);
$zipcode = $this->getParam('zipcode', true, $result['zipcode']);
Expand Down
8 changes: 4 additions & 4 deletions templates/Froxlor/assets/js/jquery/validation.js
View file
Expand Up @@ -8,18 +8,18 @@ export default function () {
rules: {
'name': {
required: function () {
return $('#company').val().length === 0 || $('#firstname').val().length > 0;
return $('#company').val().trim().length === 0 || $('#firstname').val().trim().length > 0;
}
},
'firstname': {
required: function () {
return $('#company').val().length === 0 || $('#name').val().length > 0;
return $('#company').val().trim().length === 0 || $('#name').val().trim().length > 0;
}
},
'company': {
required: function () {
return $('#name').val().length === 0
&& $('#firstname').val().length === 0;
return $('#name').val().trim().length === 0
&& $('#firstname').val().trim().length === 0;
}
}
},
Expand Down

0 comments on commit 4b18468

Please sign in to comment.