Skip to content
Browse files
There's no guard against unparsed characters at the end of the date s…
…tring, any extra characters are just ignored

Fixes #7244 - Datepicker: parseDate() does not throw an exception for long years
  • Loading branch information
jzaefferer committed May 18, 2011
1 parent ba6dd5c commit 92b0f6702a9408f4bd7d71ccca7e0e851d0efc6b
Showing with 12 additions and 0 deletions.
  1. +9 −0 tests/unit/datepicker/datepicker_tickets.js
  2. +3 −0 ui/jquery.ui.datepicker.js
@@ -29,4 +29,13 @@ test('Ticket 6827: formatDate day of year calculation is wrong during day lights
equals(time, "089");

test('Ticket #7244: date parser does not fail when too many numbers are passed into the date function', function() {
var date = $.datepicker.parseDate('dd/mm/yy', '18/04/19881');
ok("invalid date detected");

@@ -1082,6 +1082,9 @@ $.extend(Datepicker.prototype, {
if (iValue < value.length){
throw "Extra/unparsed characters found in date: " + value.substring(iValue);
if (year == -1)
year = new Date().getFullYear();
else if (year < 100)

3 comments on commit 92b0f67


This comment has been minimized.

Copy link

@pgraham pgraham replied Jun 27, 2011

This commit breaks an existing timepicker extension to the datepicker control ( which appends additional text to the end of the datepicker's input field. This can be avoided while still passing the test by ensuring that any additional text is separated from the date portion of the string by some white space:

if (iValue < value.length){
    var extra = value.substr(iValue);
    if (!/^\s+/.test(extra)) {
        throw "Extra/unparsed characters found in date: " + value.substring(iValue);

This comment has been minimized.

Copy link

@gnarf gnarf replied Jun 27, 2011

Also, just because datepicker doesn't currently conform to doesn't mean that patches against it shouldn't be adhering to the code standards.


This comment has been minimized.

Copy link
Member Author

@jzaefferer jzaefferer replied Jun 27, 2011

@pgraham: I've reopened the ticket - could you provide a patch as a pull request, with an updated test? You should also reuse the extra variable instead of calling substring two times.

@gnarf37: We're going to rewrite datepicker from scratch.

Please sign in to comment.