You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
protectedconstALLOWED_CHARACTERS = ['', "'", '#', '(', ')', '-', '*', '/', '_', '\\', '.']; // Expand this default?/** * Default processValidation() for generic validations * @param ResponseBody $responseBody * @param array $parsedRequest */protectedfunctiondefaultValidation(ResponseBody$responseBody, array$parsedRequest): void {
// Iterate all the model fieldsforeach(Medicine::FIELDSas$field => $dataType) {
$protectedField = $dataType[0] === '*';
// Is the model field NOT in the request?if (!V::key($field)->validate($parsedRequest)) {
// Any dataType proceeded with an * are protected fields and can not be changed (e.g. password_hash)if ($protectedField) {
continue;
}
// If the request is missing this field so register it as optional$responseBody->registerParam('optional', $field, $dataType);
} else {
// If Datatype is proceeded with an * it means the field is protected and can not be changed (e.g. password_hash)if ($protectedField) {
$responseBody->registerParam('invalid', $field, null);
}
// Don't allow emoji or other "strange" characters -- this prevents SQL Errorsif ($dataType === 'string') {
if (!V::alnum(implode(self::ALLOWED_CHARACTERS))->validate($parsedRequest[$field])) {
$responseBody->registerParam('invalid', $field, 'alpha-numeric. Value given: ' . $parsedRequest[$field]);
}
}
}
}
}
The text was updated successfully, but these errors were encountered:
The text was updated successfully, but these errors were encountered: