
Fix validation allowing arrays.

Accepting arrays can cause a number of adverse effects. While this may
be a breaking change the alternatives are worse.
lorenzo authored and markstory committed Nov 5, 2015
1 parent d8ace10 commit 806c8742713368fc876aea4ce56fec90ce206f3c
Showing with 10 additions and 102 deletions.
  1. +0 −45 lib/Cake/Test/Case/Utility/ValidationTest.php
  2. +10 −57 lib/Cake/Utility/Validation.php
@@ -183,25 +183,6 @@ public function testAlphaNumeric() {
$this->assertFalse(Validation::alphaNumeric(''));
}
/**
* testAlphaNumericPassedAsArray method
*
* @return void
*/
public function testAlphaNumericPassedAsArray() {
$this->assertTrue(Validation::alphaNumeric(array('check' => 'frferrf')));
$this->assertTrue(Validation::alphaNumeric(array('check' => '12234')));
$this->assertTrue(Validation::alphaNumeric(array('check' => '1w2e2r3t4y')));
$this->assertTrue(Validation::alphaNumeric(array('check' => '0')));
$this->assertFalse(Validation::alphaNumeric(array('check' => '12 234')));
$this->assertFalse(Validation::alphaNumeric(array('check' => 'dfd 234')));
$this->assertFalse(Validation::alphaNumeric(array('check' => "\n")));
$this->assertFalse(Validation::alphaNumeric(array('check' => "\t")));
$this->assertFalse(Validation::alphaNumeric(array('check' => "\r")));
$this->assertFalse(Validation::alphaNumeric(array('check' => ' ')));
$this->assertFalse(Validation::alphaNumeric(array('check' => '')));
}
/**
* testLengthBetween method
*
@@ -231,21 +212,6 @@ public function testBlank() {
$this->assertFalse(Validation::blank('Blank'));
}
/**
* testBlankAsArray method
*
* @return void
*/
public function testBlankAsArray() {
$this->assertTrue(Validation::blank(array('check' => '')));
$this->assertTrue(Validation::blank(array('check' => ' ')));
$this->assertTrue(Validation::blank(array('check' => "\n")));
$this->assertTrue(Validation::blank(array('check' => "\t")));
$this->assertTrue(Validation::blank(array('check' => "\r")));
$this->assertFalse(Validation::blank(array('check' => ' Blank')));
$this->assertFalse(Validation::blank(array('check' => 'Blank')));
}
/**
* testcc method
*
@@ -999,17 +965,6 @@ public function testCustom() {
$this->assertFalse(Validation::custom('missing regex'));
}
/**
* testCustomAsArray method
*
* @return void
*/
public function testCustomAsArray() {
$this->assertTrue(Validation::custom(array('check' => '12345', 'regex' => '/(?<!\\S)\\d++(?!\\S)/')));
$this->assertFalse(Validation::custom(array('check' => 'Text', 'regex' => '/(?<!\\S)\\d++(?!\\S)/')));
$this->assertFalse(Validation::custom(array('check' => '123.45', 'regex' => '/(?<!\\S)\\d++(?!\\S)/')));
}
/**
* testDateDdmmyyyy method
*
@@ -60,11 +60,10 @@ class Validation {
* @return bool Success
*/
public static function notEmpty($check) {
if (is_array($check)) {
extract(self::_defaults($check));
if (!is_scalar($check)) {
return false;
}
if (empty($check) && $check != '0') {
if (empty($check) && (string)$check !== '0') {
return false;
}
return self::_check($check, '/[^\s]+/m');
@@ -82,10 +81,6 @@ public static function notEmpty($check) {
* @return bool Success
*/
public static function alphaNumeric($check) {
if (is_array($check)) {
extract(self::_defaults($check));
}
if (empty($check) && $check != '0') {
return false;
}
@@ -132,9 +127,6 @@ public static function between($check, $min, $max) {
* @return bool Success
*/
public static function blank($check) {
if (is_array($check)) {
extract(self::_defaults($check));
}
return !self::_check($check, '/[^\\s]/');
}
@@ -153,8 +145,8 @@ public static function blank($check) {
* @see Validation::luhn()
*/
public static function cc($check, $type = 'fast', $deep = false, $regex = null) {
if (is_array($check)) {
extract(self::_defaults($check));
if (!is_scalar($check)) {
return false;
}
$check = str_replace(array('-', ' '), '', $check);
@@ -287,8 +279,8 @@ public static function comparison($check1, $operator = null, $check2 = null) {
* @return bool Success
*/
public static function custom($check, $regex = null) {
if (is_array($check)) {
extract(self::_defaults($check));
if (!is_scalar($check)) {
return false;
}
if ($regex === null) {
self::$errors[] = __d('cake_dev', 'You must define a regular expression for %s', 'Validation::custom()');
@@ -467,10 +459,6 @@ public static function decimal($check, $places = null, $regex = null) {
* @return bool Success
*/
public static function email($check, $deep = false, $regex = null) {
if (is_array($check)) {
extract(self::_defaults($check));
}
if ($regex === null) {
$regex = '/^[\p{L}0-9!#$%&\'*+\/=?^_`{|}~-]+(?:\.[\p{L}0-9!#$%&\'*+\/=?^_`{|}~-]+)*@' . self::$_pattern['hostname'] . '$/ui';
}
@@ -657,10 +645,6 @@ public static function naturalNumber($check, $allowZero = false) {
* @return bool Success
*/
public static function phone($check, $regex = null, $country = 'all') {
if (is_array($check)) {
extract(self::_defaults($check));
}
if ($regex === null) {
switch ($country) {
case 'us':
@@ -702,10 +686,6 @@ public static function phone($check, $regex = null, $country = 'all') {
* @return bool Success
*/
public static function postal($check, $regex = null, $country = 'us') {
if (is_array($check)) {
extract(self::_defaults($check));
}
if ($regex === null) {
switch ($country) {
case 'uk':
@@ -767,10 +747,6 @@ public static function range($check, $lower = null, $upper = null) {
* @deprecated Deprecated 2.6. Will be removed in 3.0.
*/
public static function ssn($check, $regex = null, $country = null) {
if (is_array($check)) {
extract(self::_defaults($check));
}
if ($regex === null) {
switch ($country) {
case 'dk':
@@ -892,35 +868,12 @@ protected static function _pass($method, $check, $classPrefix) {
* @return bool Success of match
*/
protected static function _check($check, $regex) {
if (is_string($regex) && preg_match($regex, $check)) {
if (is_string($regex) && is_scalar($check) && preg_match($regex, $check)) {
return true;
}
return false;
}
/**
* Get the values to use when value sent to validation method is
* an array.
*
* @param array $params Parameters sent to validation method
* @return void
*/
protected static function _defaults($params) {
self::_reset();
$defaults = array(
'check' => null,
'regex' => null,
'country' => null,
'deep' => false,
'type' => null
);
$params += $defaults;
if ($params['country'] !== null) {
$params['country'] = mb_strtolower($params['country']);
}
return $params;
}
/**
* Luhn algorithm
*
@@ -930,8 +883,8 @@ protected static function _defaults($params) {
* @see http://en.wikipedia.org/wiki/Luhn_algorithm
*/
public static function luhn($check, $deep = false) {
if (is_array($check)) {
extract(self::_defaults($check));
if (!is_scalar($check)) {
return false;
}
if ($deep !== true) {
return true;
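Review bot: `blank()` now reports an array as blank. With the `is_array`/`extract` branch gone it is only `return !self::_check($check, '/[^\\s]/');`, and the new `_check()` returns false for any non-scalar `$check`, so the negation yields true. Array-valued request data would therefore satisfy a rule that requires the field to be blank, while `notEmpty`, `cc`, `custom` and `luhn` in this same commit return false for non-scalars. An explicit guard at the top of `blank()`, for example `if (is_array($check) || is_object($check)) { return false; }`, rejects structured input while still treating null and the empty string as blank. The deleted `testBlankAsArray` could be replaced by a case such as `$this->assertFalse(Validation::blank(array('check' => '')));` so the rejection is pinned by a test.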
