Optimization and fixes for validation #63
Optimization and fixes for validation #63
Conversation
Using `[+-.]` becomes a character range that includes `+,-.` when the expected behavior is character literals.
Existing code was allowing nearly anything to be used as username and password. Applied a `UserComponentValidatorTrait` to User and Pass classes to conform to RFC spec.
@@ -28,8 +28,7 @@ class Port extends AbstractComponent implements Component | |||
*/ | |||
protected function validate($data) | |||
{ | |||
$data = filter_var($data, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]); | |||
if (! $data) { | |||
if (! ctype_digit($data) || $data < 1) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm honestly not sure if this is better. It may be more brittle because ctype_*
methods trigger warnings when the value is not a string. While the added type casting ensures it won't error, that might still be a good reason to revert this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yep I'm on the fence with this one too :)
Optimization and fixes for validation
Great additions. Thanks for the help making the package more RFC compliant. I'm gonna merge everything an just revert the ctype check on the Port component. |
I've added more methods on URL and Path but overall I think the v4 is shaping good 👍 I've made some optimizations in regard to the use of punycode. We just need to test the package and update the documentation. |
Makes sense. I didn't realize that |
That's the beauty of semver, you don't have to worry about breaking the API, because major version bumps are expected to break the API. If people don't want to upgrade, they can choose not to. |
Several improvements and optimizations for component validation. Unit tests included for changes.