diff --git a/application/libraries/Ilch/Functions.php b/application/libraries/Ilch/Functions.php index 07f49a871..96f10ae81 100644 --- a/application/libraries/Ilch/Functions.php +++ b/application/libraries/Ilch/Functions.php @@ -469,15 +469,13 @@ function group(string $file) */ function validateDate(?string $date, string $format = 'Y-m-d H:i:s'): bool { - foreach (["\0", "%00"] as $nullByte) { - if ((0 === substr_compare($date ?? '', $nullByte, - 1))) { - // Return false when $date contains null bytes. - // This avoids "createFromFormat(): Argument must not contain any null bytes". - return false; - } + if (!$date || (strpos($date, chr(0)) !== false)) { + // Return false when $date contains null bytes. + // This avoids "createFromFormat(): Argument must not contain any null bytes". + return false; } - $d = DateTime::createFromFormat($format, $date ?? ''); + $d = DateTime::createFromFormat($format, $date); return $d && $d->format($format) === $date; } diff --git a/application/modules/shop/views/index/cart.php b/application/modules/shop/views/index/cart.php index a5d775d12..c8cd549bb 100644 --- a/application/modules/shop/views/index/cart.php +++ b/application/modules/shop/views/index/cart.php @@ -31,7 +31,7 @@ } } - $_SESSION['shopping_willCollect'] = $_POST['willCollect']; + $_SESSION['shopping_willCollect'] = $_POST['willCollect'] ?? null; } } diff --git a/index.php b/index.php index efe32b4e6..0dd07ea6d 100644 --- a/index.php +++ b/index.php @@ -31,7 +31,7 @@ $serverTimeZone = @date_default_timezone_get(); date_default_timezone_set('UTC'); -define('VERSION', '2.2.4'); +define('VERSION', '2.2.5'); define('SERVER_TIMEZONE', $serverTimeZone); define('DEFAULT_MODULE', 'page'); define('DEFAULT_LAYOUT', 'index'); diff --git a/tests/libraries/ilch/FunctionsTest.php b/tests/libraries/ilch/FunctionsTest.php index dd3ccebe5..9484d30dc 100644 --- a/tests/libraries/ilch/FunctionsTest.php +++ b/tests/libraries/ilch/FunctionsTest.php @@ -239,4 +239,34 @@ public function dpForTestFormatBytes(): array 'yottabytes' => ['params' => ['bytes' => 2417851639229258349412352, 'decimals' => 0], '2 YB'], ]; } + + /** + * Tests the validateDate function. + * + * @dataProvider dpForTestValidateDate + * @return void + */ + public function testValidateDate(array $params, $expected) + { + self::assertSame($expected, validateDate($params['date'], $params['format'])); + } + + /** + * @return array + */ + public function dpForTestValidateDate(): array + { + return [ + 'invalid empty string' => ['params' => ['date' => '', 'format' => 'Y-m-d H:i:s'], false], + 'invalid null' => ['params' => ['date' => null, 'format' => 'Y-m-d H:i:s'], false], + 'invalid null bytes' => ['params' => ['date' => chr(0), 'format' => 'Y-m-d H:i:s'], false], + 'invalid null bytes beginning' => ['params' => ['date' => chr(0) . 'test', 'format' => 'Y-m-d H:i:s'], false], + 'invalid null bytes middle' => ['params' => ['date' => 'test' . chr(0) . 'test', 'format' => 'Y-m-d H:i:s'], false], + 'invalid null bytes end' => ['params' => ['date' => 'test' . chr(0), 'format' => 'Y-m-d H:i:s'], false], + 'invalid zero date' => ['params' => ['date' => '0000-00-00 00:00:00', 'format' => 'Y-m-d H:i:s'], false], + 'invalid date format' => ['params' => ['date' => '2024-10-27 04:42:04', 'format' => 'Y-m-d H:i'], false], + 'valid date' => ['params' => ['date' => '2024-10-27 04:42:04', 'format' => 'Y-m-d H:i:s'], true], + 'valid date without seconds' => ['params' => ['date' => '2024-10-27 04:42', 'format' => 'Y-m-d H:i'], true], + ]; + } } diff --git a/tests/libraries/ilch/Validation/Validators/DateTest.php b/tests/libraries/ilch/Validation/Validators/DateTest.php index fb0b240d6..747e30019 100644 --- a/tests/libraries/ilch/Validation/Validators/DateTest.php +++ b/tests/libraries/ilch/Validation/Validators/DateTest.php @@ -92,6 +92,12 @@ public function dpForTestValidator(): array 'expectedErrorKey' => 'validation.errors.date.mustBeDate', 'expectedErrorParameters' => ['Y-m-d'] ], + 'empty string' => [ + 'data' => $this->createData(""), + 'expectedIsValid' => false, + 'expectedErrorKey' => 'validation.errors.date.mustBeDate', + 'expectedErrorParameters' => ['Y-m-d'] + ], ]; }