| author | polo <ordipolo@gmx.fr> | 2025-06-24 02:02:44 +0200 |
|---|---|---|
| committer | polo <ordipolo@gmx.fr> | 2025-06-24 02:02:44 +0200 |
| commit | 41adf94ebf868232aa43fe9b8b80029896da9da7 (patch) | |
| tree | 3c3842bd1d1830b68576d912cd506859f1dd5bef /src/model/entities | |
| parent | ff2a45feb0080b89db8c6193306a4676705ea607 (diff) | |
saisie sécurisée
Diffstat (limited to 'src/model/entities')
| -rw-r--r-- | src/model/entities/Event.php | 32 |
1 files changed, 18 insertions, 14 deletions
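--- a/src/model/entities/Event.php
+++ b/src/model/entities/Event.php
@@ -39,23 +39,27 @@ class Event
 #[ORM\Column(type: 'string', length: 7, nullable: true)]
 private ?string $color = null;
 
-public function __construct(string $title, string|\DateTimeInterface $start, string|\DateTimeInterface $end, bool $all_day, string $description = '', string $color = null){
-$this->title = $title;
-$this->description = $description;
-$this->start = gettype($start) === 'string' ? new \DateTime($start) : $start;
-$this->end = gettype($end) === 'string' ? new \DateTime($end) : $end;
-$this->all_day = $all_day;
-$this->color = $color;
+public function __construct(array $json){
+$this->securedUpdateFromJSON($json);
 }
 
-public function updateFromJSON(array $json): void
+public function securedUpdateFromJSON(array $json): void
 {
-$this->title = $json['title'];
-$this->description = $json['description'];
-$this->start = new \DateTime($json['start']);
-$this->end = new \DateTime($json['end']);
-$this->all_day = $json['allDay'];
-$this->color = $json['color'];
+$this->title = htmlspecialchars($json['title']);
+$this->description = htmlspecialchars($json['description']);
+try{
+$this->start = new \Datetime($json['start']);
+$this->end = new \Datetime($json['end']);
+}
+catch(\Exception $e){
+throw new \InvalidArgumentException('Bad date input');
+}
+$all_day = filter_var($json['allDay'] ?? null, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
+if(!is_bool($all_day)){
+throw new \InvalidArgumentException('Bad checkbox input');
+}
+$this->all_day = $all_day;
+$this->color = isset($json['color']) ? htmlspecialchars($json['color']) : null;
 }
 
 public function getId(): int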
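Review bot: In `securedUpdateFromJSON()`, `title`, `description`, `start` and `end` are read without a presence or type check (only `allDay` and `color` get one), so a missing key or a non-string value ends in a PHP warning or a `TypeError` rather than the `InvalidArgumentException` the method throws for the other fields, and a missing date may (depending on PHP version and typing mode) be parsed as the current time instead of being rejected. `htmlspecialchars()` on `color` neither bounds it to the 7-character column nor restricts it to a colour value; matching it against the expected format (presumably `#rrggbb`) is the check that is missing. Encoding `title` and `description` before storage also ties the stored text to the HTML body context: any place that renders them in an attribute, a script or a JSON response still needs its own escaping, and a template that escapes again (not visible here) will show double-encoded text, so it is worth confirming where output escaping happens before relying on this. The fence sketches only the added field checks; the rest of the method stays as committed.

```php
public function securedUpdateFromJSON(array $json): void
{
    // reject missing or non-string fields with the same exception type as the other checks
    foreach (['title', 'description', 'start', 'end'] as $key) {
        if (!isset($json[$key]) || !is_string($json[$key])) {
            throw new \InvalidArgumentException('Bad input: ' . $key);
        }
    }
    // colour is optional; when present it must fit the 7-character column exactly
    $color = $json['color'] ?? null;
    if ($color !== null && (!is_string($color) || preg_match('/^#[0-9a-fA-F]{6}$/D', $color) !== 1)) {
        throw new \InvalidArgumentException('Bad color input');
    }
    // … unchanged: title/description assignment, \Datetime parsing, allDay parsing …
    $this->color = $color;
```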
