New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Date validation accepts invalid dates #14727
Comments
Same problem here with the |
scratches head Could not repoduce it in 3.0.3, 2.8.3, 2.7.10, 2.6.13, 2.3.38 Can confirm that 2.6.7 behaves weird.
I have no idea how that is even possible. |
I still have this problem with Symfony-2.8.3. Here is the code in my Form Type:
What I type in the field is: When I use
What is persisted in the MySQL table is: In my opinion, Symfony's |
@peter17 I just tried your example and it works fine for me (I get a validation error). Could you please fork symfony standard edition and reproduce your issue on a new branch? |
@jakzal sorry, I'm not totally sure about what you expect from me: should I
When I add However, in my project, I used This seems inconsistent with the documentation which specifies that:
It seems that the DateValidator never invalidates DateTime objects... What I think I understand:
Note: adding |
Yes, this will do. I tried your example and it works fine for me. This let me to think there might be something about you configured the project that exposes this problem. |
@jakzal I created a new minimal Symfony project here: https://github.com/peter17/DateTypeTest Here are the results of the tests I made: In the 3rd case, I think I should have a validation failure... |
I don't have this issue on my OS X running PHP 5.5.30. However, I just tested this on PHP 5.5.30 and 5.6.14 on Linux and confirmed the invalid behaviour. It seems to depend on the platform. |
I forgot to mention that I use PHP-5.5.29 on Linux. |
It just occurred to me, should we really treat 20107 as an invalid year? |
It could be valid or invalid, or up to the users... The problem here, as I explain above, is that when the date is a DateTime object, the DateValidator does not check it at all (on Linux, seems different on OS X...)... |
From what do you deduce that the DateValidator isn't called at all? Did you confirm this by using a debugger or something like that? |
Please read what I wrote above:
So, yes, it is called, but since its argument is a |
Yeah, I read that. But this means that the validator actually is not skipped. It just doesn't do anything with the given value as this already is a As @jakzal said why should 20107 be treated as an invalid year? Imho if you want people to only add dates from a particular range, you should add additional constraints that check if the given dates is in this desired interval. |
I am not discussing whether 20107 should be treated as a valid year or not. What we observed is that on some platforms, there is a validation error on those dates and on some others, none. Also, on some platforms, the dates with years > 9999 are accepted and DateTime object does not have the correct date (20107 becomes 2007). Now, I am trying to reproduce the latter on a minimal project. |
This one is tricky as IMO PHP is the part that is acting wrong here. We would need to find a way to discover whether the parsed year is the same as the one given in the original string. |
It's definitely Symfony's fault, but not in the Validator, nor in the specific class @xabbuh pointed at - it's in |
Scrap that, I had it working in a form, but the unit tests blow up all over the place because PHP's support for 5+ digit years is just too inconsistent across all functions to rely on:
I'll just make it throw instead, at least then it's consistent. |
…y684) This PR was squashed before being merged into the 2.7 branch (closes #25781). Discussion ---------- [Form] Disallow transform dates beyond the year 9999 Fixes #14727 | Q | A | ------------- | --- | Branch? | 2.7 | Bug fix? | yes | New feature? | no | BC breaks? | not really | Deprecations? | no | Tests pass? | yes | Fixed tickets | #14727 | License | MIT Explicitly locked out submission of dates beyond December 31st 9999 in forms as PHP is highly incapable of consistently handling such dates. Before this patch dates were randomly transformed or mangled. Technically there is a BC break as this will now cause validation to fail on input that was *accepted* before, but it was mangled. Not my call but I prefer the rejection over data corruption: ``` // Old behavior $transformer = new DateTimeToLocalizedStringTransformer('UTC', 'UTC', null, null, \IntlDateFormatter::GREGORIAN, 'yyyy-MM-dd'); $result = $transformer->reverseTransform('20107-03-21'); // $result is now 2007-03-21 ``` Commits ------- 70cc969 [Form] Disallow transform dates beyond the year 9999
In Symfony-2.6.7, I am using a form with type
date
,'format' => 'yyyy-MM-dd'
andconstraint => array(new Symfony\Component\Validator\Constraints\Date)
.When a user inputs a date with a five-digit year, the form is validated successfully but an incorrect date is persisted.
Example:
User inputs
20011-11-11
. Persisted date is2001-11-11
.It is probably not Symfony's fault, since PHP's DateTime('20011-11-11') indeed returns
object(DateTime)#1 (3) { ["date"]=> string(26) "2001-11-11 20:01:00.000000" ["timezone_type"]=> int(3) ["timezone"]=> string(16) "Europe/Amsterdam" }
. See http://3v4l.org/tCrGl for version details.20011-11-11
should either be accepted as valid or rejected as invalid but not transformed to something else and accepted... Could Symfony validate the string format before PHP transforms it to a date?Best regards
The text was updated successfully, but these errors were encountered: