revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-03-13 12:54:53 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/calendar
History
Andre Klapper 89be7a51d8 Validate some user provided calendar query range dates 
Summary:
Calendar search form allows users to define date ranges. Entering gibberish data leads to a cryptic exception due to calling `format()` on `null`, as `AphrontFormDateControlValue::getDateTime()` can return `null` instead of a `DateTime` object.

Also add some additional PhpDoc as a result of playing with this code.

Note that other calendar query forms are more lenient and still accepts gibberish after applying this patch. The intention behind this patch is replacing a cryptic exception with a more appropriate and descriptive error; this patch does not attempt to introduce validation everywhere.

```
EXCEPTION: (Error) Call to a member function format() on null at [<phorge>/src/applications/calendar/query/PhabricatorCalendarEventSearchEngine.php:469]
```

Closes T15943

Test Plan:
* On http://phorge.localhost/calendar/query/month/, click "Edit Query", check "Occurs After", replace default date value with "abcde", click "Search" button
* On http://phorge.localhost/calendar/query/month/, click "Edit Query", check "Occurs After", replace default time value with "abcde", click "Search" button
* On http://phorge.localhost/calendar/query/month/, click "Edit Query", check "Occurs Before", replace default date value with "abcde", click "Search" button
* On http://phorge.localhost/calendar/query/month/, click "Edit Query", check "Occurs Before", replace default time value with "abcde", click "Search" button
* On http://phorge.localhost/calendar/query/day/, click "Edit Query", check "Occurs After", replace default date value with "abcde", click "Search" button
* On http://phorge.localhost/calendar/query/day/, click "Edit Query", check "Occurs After", replace default time value with "abcde", click "Search" button
* On http://phorge.localhost/calendar/query/day/, click "Edit Query", check "Occurs Before", replace default date value with "abcde", click "Search" button
* On http://phorge.localhost/calendar/query/day/, click "Edit Query", check "Occurs Before", replace default time value with "abcde", click "Search" button

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15943

Differential Revision: https://we.phorge.it/D25825
2024-11-26 15:12:22 +01:00
..
__tests__ Fix errors found by PHPStan 2017-02-17 10:10:15 +00:00
application Show more in Application Detail and List view 2023-11-21 11:22:23 -07:00
capability Provide default view and edit policies in Calendar, plus "Event Host" and "Event Invitees" 2016-07-13 15:42:12 -07:00
codex Remove product literal strings in "pht()", part 2 2022-04-25 12:22:26 -07:00
command Convert Calendar to Modular Transactions 2016-07-13 07:46:33 -07:00
conduit Add calendar.event.search and calendar.event.edit 2016-07-13 10:17:46 -07:00
controller Fix editing a Calendar import ICS URI 2022-12-17 12:17:37 +01:00
editor Make misc get*ApplicationClass[Name]() calls return ::class constant instead of string 2024-02-05 14:11:36 +01:00
herald Make misc get*ApplicationClass[Name]() calls return ::class constant instead of string 2024-02-05 14:11:36 +01:00
icon Fix spelling 2017-10-09 10:48:04 -07:00
import Fix implicitly nullable parameter declarations for PHP 8.4 2024-10-24 17:19:42 +02:00
importlog Queue large ICS files for background import 2016-11-06 07:46:21 -08:00
mail Allow multiple mail receivers to react to an individual email 2019-01-16 12:28:02 -08:00
management Provide a standalone bin/calendar reload ... workflow for testing/debugging 2016-11-07 10:55:18 -08:00
notifications Update PhabricatorLiskDAO::chunkSQL() for new %Q semantics 2018-11-13 08:59:18 -08:00
parser Fix implicitly nullable parameter declarations for PHP 8.4 2024-10-24 17:19:42 +02:00
phid Make misc get*ApplicationClass[Name]() calls return ::class constant instead of string 2024-02-05 14:11:36 +01:00
policyrule Improve Calendar event behavior for group invites 2016-11-15 11:16:55 -08:00
query Validate some user provided calendar query range dates 2024-11-26 15:12:22 +01:00
remarkup Calendar event monograms, part 3. Remarkup for calendar event monograms. 2015-04-27 14:27:34 -07:00
search Support Ferret engine in Calendar 2017-09-07 13:25:12 -07:00
storage Fix implicitly nullable parameter declarations for PHP 8.4 2024-10-23 11:09:36 +02:00
typeahead Show login page if a search token requires a valid viewer 2024-06-04 16:10:50 +02:00
util Fix spelling 2017-10-09 10:48:04 -07:00
view Search and Replace calls to setShade 2017-05-22 18:59:53 +00:00
worker Queue large ICS files for background import 2016-11-06 07:46:21 -08:00
xaction Fix PHP 8.1 "strlen(null)" exceptions which block rendering page to import ICS calendar file 2023-05-08 23:13:12 +02:00