adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2024-11-15 11:28:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Backport fixes for comparison() and range() to 2.x

Browse source 
These fixes were released as a security update for 3.x, they also belong
in 2.x
This commit is contained in:
mark_story 2015-08-06 21:32:17 -04:00
parent 056f24a774
commit b7c9ac913d
2 changed files with 42 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
lib/Cake/Test/Case/Utility/ValidationTest.php
View file

@ -930,6 +930,25 @@ class ValidationTest extends CakeTestCase {
$this->assertFalse(Validation::comparison(7, '==', 6)); $this->assertFalse(Validation::comparison(7, '==', 6));
$this->assertFalse(Validation::comparison(7, 'not equal', 7)); $this->assertFalse(Validation::comparison(7, 'not equal', 7));
$this->assertFalse(Validation::comparison(7, '!=', 7)); $this->assertFalse(Validation::comparison(7, '!=', 7));
$this->assertTrue(Validation::comparison('6.5', '!=', 6));
$this->assertTrue(Validation::comparison('6.5', '<', 7));
}
/**
* Test comparison casting values before comparisons.
*
* @return void
*/
public function testComparisonTypeChecks() {
$this->assertFalse(Validation::comparison('\x028', '>=', 1), 'hexish encoding fails');
$this->assertFalse(Validation::comparison('0b010', '>=', 1), 'binary string data fails');
$this->assertFalse(Validation::comparison('0x01', '>=', 1), 'hex string data fails');
$this->assertFalse(Validation::comparison('0x1', '>=', 1), 'hex string data fails');
$this->assertFalse(Validation::comparison('\x028', '>=', 1.5), 'hexish encoding fails');
$this->assertFalse(Validation::comparison('0b010', '>=', 1.5), 'binary string data fails');
$this->assertFalse(Validation::comparison('0x02', '>=', 1.5), 'hex string data fails');
} }
/** /**
@ -2004,6 +2023,22 @@ class ValidationTest extends CakeTestCase {
$this->assertFalse(Validation::range('word')); $this->assertFalse(Validation::range('word'));
} }
/**
* Test range type checks
*
* @return void
*/
public function testRangeTypeChecks() {
$this->assertFalse(Validation::range('\x028', 1, 5), 'hexish encoding fails');
$this->assertFalse(Validation::range('0b010', 1, 5), 'binary string data fails');
$this->assertFalse(Validation::range('0x01', 1, 5), 'hex string data fails');
$this->assertFalse(Validation::range('0x1', 1, 5), 'hex string data fails');
$this->assertFalse(Validation::range('\x028', 1, 5), 'hexish encoding fails');
$this->assertFalse(Validation::range('0b010', 1, 5), 'binary string data fails');
$this->assertFalse(Validation::range('0x02', 1, 5), 'hex string data fails');
}
/** /**
* testExtension method * testExtension method
* *

7
lib/Cake/Utility/Validation.php
View file

@ -242,6 +242,10 @@ class Validation {
if (is_array($check1)) { if (is_array($check1)) {
extract($check1, EXTR_OVERWRITE); extract($check1, EXTR_OVERWRITE);
} }
if ((float)$check1 != $check1) {
return false;
}
$operator = str_replace(array(' ', "\t", "\n", "\r", "\0", "\x0B"), '', strtolower($operator)); $operator = str_replace(array(' ', "\t", "\n", "\r", "\0", "\x0B"), '', strtolower($operator));
switch ($operator) { switch ($operator) {
@ -757,6 +761,9 @@ class Validation {
if (!is_numeric($check)) { if (!is_numeric($check)) {
return false; return false;
} }
if ((float)$check != $check) {
return false;
}
if (isset($lower) && isset($upper)) { if (isset($lower) && isset($upper)) {
return ($check > $lower && $check < $upper); return ($check > $lower && $check < $upper);
} }