Permalink
Browse files

[TASK] Enforce correct value for datefield

Change-Id: I1331a1a8c42dbd4840c30fe6bd88f8518a905836
Reviewed-on: https://review.typo3.org/49601
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
  • Loading branch information...
georgringer committed Aug 26, 2016
1 parent 0e498c5 commit 68cb1d64cb68e0caadfb669500104570233af939
Showing with 14 additions and 2 deletions.
  1. +5 −1 Classes/Domain/Model/Dto/NewsDemand.php
  2. +9 −1 Tests/Unit/Domain/Model/Dto/NewsDemandTest.php
@@ -524,7 +524,11 @@ public function setDateField($dateField)
*/
public function getDateField()
{
return $this->dateField;
if (empty($this->dateField) || in_array($this->dateField, ['datetime', 'archive'])) {
return $this->dateField;
} else {
return '';
}
}
/**
@@ -137,9 +137,17 @@ public function topNewsRestrictionCanBeSet()
*/
public function dateFieldCanBeSet()
{
$value = 'field';
$value = 'datetime';
$this->instance->setDateField($value);
$this->assertEquals($value, $this->instance->getDateField());
$value = 'archive';
$this->instance->setDateField($value);
$this->assertEquals($value, $this->instance->getDateField());
$value = 'invalid';
$this->instance->setDateField($value);
$this->assertEquals('', $this->instance->getDateField());
}
/**

1 comment on commit 68cb1d6

@sgrossberndt

This comment has been minimized.

Copy link

sgrossberndt commented on 68cb1d6 Jul 6, 2017

This should be backported to version 3.x to have this in TYPO3 6.2 too.
@see https://www.ambionics.io/blog/typo3-news-module-sqli#update-2017-06-22

Please sign in to comment.