Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

MDL-27759 user webservice - added new PARAM for timezone PARAM_TIMEZO…

…NE, to validate timezone input in webservice while deling with user information
  • Loading branch information...
commit ccc77f9152573575e099ba41a9e77cfdbc4ded6c 1 parent 6911fa1
Rajesh Taneja authored
View
15 lib/moodlelib.php
@@ -273,6 +273,13 @@
define('PARAM_MULTILANG', 'text');
/**
+ * PARAM_TIMEZONE - expected timezone. Timezone can be int +-(0-13) or float +-(0.5-12.5) or
+ * string seperated by '/' and can have '-' &/ '_' (eg. America/North_Dakota/New_Salem
+ * America/Port-au-Prince)
+ */
+define('PARAM_TIMEZONE', 'timezone');
+
+/**
* PARAM_CLEANFILE - deprecated alias of PARAM_FILE; originally was removing regional chars too
*/
define('PARAM_CLEANFILE', 'file');
@@ -888,6 +895,14 @@ function clean_param($param, $type) {
return '';
}
+ case PARAM_TIMEZONE: //can be int, float(with .5 or .0) or string seperated by '/' and can have '-_'
+ $timezonepattern = '/^(([+-]?(0?[0-9](\.[5|0])?|1[0-3]|1[0-2]\.5))|(99)|[[:alnum:]]+(\/?[[:alpha:]_-])+)$/';
+ if (preg_match($timezonepattern, $param)) {
+ return $param;
+ } else {
+ return '';
+ }
+
default: // throw error, switched parameters in optional_param or another serious problem
print_error("unknownparamtype", '', '', $type);
}
View
26 lib/simpletest/testmoodlelib.php
@@ -444,6 +444,32 @@ function test_clean_param_stringid() {
$this->assertEqual(clean_param(' ', PARAM_STRINGID), '');
}
+ function test_clean_param_timezone() {
+ // Test timezone validation
+ $testvalues = array (
+ 'America/Jamaica' => 'America/Jamaica',
+ 'America/Argentina/Cordoba' => 'America/Argentina/Cordoba',
+ 'America/Port-au-Prince' => 'America/Port-au-Prince',
+ 'America/Argentina/Buenos_Aires' => 'America/Argentina/Buenos_Aires',
+ 'PST8PDT' => 'PST8PDT',
+ 'Wrong.Value' => '',
+ 'Wrong/.Value' => '',
+ 'Wrong(Value)' => '',
+ '0' => '0',
+ '0.0' => '0.0',
+ '0.5' => '0.5',
+ '-12.5' => '-12.5',
+ '+12.5' => '+12.5',
+ '13.5' => '',
+ '-13.5' => '',
+ '0.2' => '');
+
+ foreach ($testvalues as $testvalue => $expectedvalue) {
+ $actualvalue = clean_param($testvalue, PARAM_TIMEZONE);
+ $this->assertEqual($actualvalue, $expectedvalue);
+ }
+ }
+
function test_validate_param() {
try {
$param = validate_param('11a', PARAM_INT);
View
6 user/externallib.php
@@ -49,7 +49,7 @@ public static function create_users_parameters() {
'idnumber' => new external_value(PARAM_RAW, 'An arbitrary ID code number perhaps from the institution', VALUE_DEFAULT, ''),
'lang' => new external_value(PARAM_SAFEDIR, 'Language code such as "en", must exist on server', VALUE_DEFAULT, $CFG->lang, NULL_NOT_ALLOWED),
'theme' => new external_value(PARAM_SAFEDIR, 'Theme name such as "standard", must exist on server', VALUE_OPTIONAL),
- 'timezone' => new external_value(PARAM_ALPHANUMEXT, 'Timezone code such as Australia/Perth, or 99 for default', VALUE_OPTIONAL),
+ 'timezone' => new external_value(PARAM_TIMEZONE, 'Timezone code such as Australia/Perth, or 99 for default', VALUE_OPTIONAL),
'mailformat' => new external_value(PARAM_INTEGER, 'Mail format code is 0 for plain text, 1 for HTML etc', VALUE_OPTIONAL),
'description' => new external_value(PARAM_TEXT, 'User profile description, no HTML', VALUE_OPTIONAL),
'city' => new external_value(PARAM_NOTAGS, 'Home city of the user', VALUE_OPTIONAL),
@@ -256,7 +256,7 @@ public static function update_users_parameters() {
'idnumber' => new external_value(PARAM_RAW, 'An arbitrary ID code number perhaps from the institution', VALUE_OPTIONAL),
'lang' => new external_value(PARAM_SAFEDIR, 'Language code such as "en", must exist on server', VALUE_OPTIONAL, '', NULL_NOT_ALLOWED),
'theme' => new external_value(PARAM_SAFEDIR, 'Theme name such as "standard", must exist on server', VALUE_OPTIONAL),
- 'timezone' => new external_value(PARAM_ALPHANUMEXT, 'Timezone code such as Australia/Perth, or 99 for default', VALUE_OPTIONAL),
+ 'timezone' => new external_value(PARAM_TIMEZONE, 'Timezone code such as Australia/Perth, or 99 for default', VALUE_OPTIONAL),
'mailformat' => new external_value(PARAM_INTEGER, 'Mail format code is 0 for plain text, 1 for HTML etc', VALUE_OPTIONAL),
'description' => new external_value(PARAM_TEXT, 'User profile description, no HTML', VALUE_OPTIONAL),
'city' => new external_value(PARAM_NOTAGS, 'Home city of the user', VALUE_OPTIONAL),
@@ -426,7 +426,7 @@ public static function get_users_by_id_returns() {
'idnumber' => new external_value(PARAM_RAW, 'An arbitrary ID code number perhaps from the institution'),
'lang' => new external_value(PARAM_SAFEDIR, 'Language code such as "en", must exist on server'),
'theme' => new external_value(PARAM_SAFEDIR, 'Theme name such as "standard", must exist on server'),
- 'timezone' => new external_value(PARAM_ALPHANUMEXT, 'Timezone code such as Australia/Perth, or 99 for default'),
+ 'timezone' => new external_value(PARAM_TIMEZONE, 'Timezone code such as Australia/Perth, or 99 for default'),
'mailformat' => new external_value(PARAM_INTEGER, 'Mail format code is 0 for plain text, 1 for HTML etc'),
'description' => new external_value(PARAM_RAW, 'User profile description'),
'descriptionformat' => new external_value(PARAM_INT, 'User profile description format'),
View
4 webservice/simpletest/testwebservice.php
@@ -571,7 +571,7 @@ function moodle_user_create_users($client) {
$user1->idnumber = 'testidnumber1';
$user1->lang = 'en';
$user1->theme = 'standard';
- $user1->timezone = 99;
+ $user1->timezone = '-12.5';
$user1->mailformat = 0;
$user1->description = 'Hello World!';
$user1->city = 'testcity1';
@@ -593,6 +593,7 @@ function moodle_user_create_users($client) {
$user2->firstname = 'testfirstname2';
$user2->lastname = 'testlastname2';
$user2->email = 'testemail1@moodle.com';
+ $user2->timezone = 'Pacific/Port_Moresby';
$users = array($user1, $user2);
@@ -668,6 +669,7 @@ function moodle_user_create_users($client) {
hash_internal_user_password($user2->password));
$this->assertEqual($dbuser2->lastname, $user2->lastname);
$this->assertEqual($dbuser2->email, $user2->email);
+ $this->assertEqual($dbuser2->timezone, $user2->timezone);
//unset preferences
$DB->delete_records('user_preferences', array('userid' => $dbuser1->id));
Please sign in to comment.
Something went wrong with that request. Please try again.