1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-04 20:01:00 +01:00

Harden custom date fields against userland adventures

Summary: Users do things like change the type of a field. Currently, we throw when this happens. Instead, recover somewhat-gracefully.

Test Plan:
Created a "string" field, then changed it to a "date" field.

{F35241}

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D5310
This commit is contained in:
epriestley 2013-03-09 13:51:58 -08:00
parent c91253c691
commit 25738e78a1

View file

@ -195,6 +195,12 @@ class ManiphestAuxiliaryFieldDefaultSpecification
$value = array(); $value = array();
} }
break; break;
case self::TYPE_DATE:
$value = (int)$value;
if ($value <= 0) {
return $this->setDefaultValue($value);
}
break;
default: default:
break; break;
} }
@ -336,11 +342,22 @@ class ManiphestAuxiliaryFieldDefaultSpecification
} }
break; break;
case self::TYPE_DATE: case self::TYPE_DATE:
$new_display = phabricator_datetime($new, $this->getUser()); // NOTE: Although it should be impossible to get bad data in these
// fields normally, users can change the type of an existing field and
// leave us with uninterpretable data in old transactions.
if ((int)$new <= 0) {
$new_display = "(invalid epoch timestamp: {$new})";
} else {
$new_display = phabricator_datetime($new, $this->getUser());
}
if ($old === null) { if ($old === null) {
$desc = "set field '{$label}' to '{$new_display}'"; $desc = "set field '{$label}' to '{$new_display}'";
} else { } else {
$old_display = phabricator_datetime($old, $this->getUser()); if ((int)$old <= 0) {
$old_display = "(invalid epoch timestamp: {$old})";
} else {
$old_display = phabricator_datetime($old, $this->getUser());
}
$desc = "changed field '{$label}' ". $desc = "changed field '{$label}' ".
"from '{$old_display}' to '{$new_display}'"; "from '{$old_display}' to '{$new_display}'";
} }