[prev in list] [next in list] [prev in thread] [next in thread]
List: pear-cvs
Subject: [PEAR-CVS] =?utf-8?q?svn:_/pear/packages/HTML=5FQuickForm2/trunk/_HTML/QuickForm2/Element/Static.php
From: Alexey_Borzov <avb () php ! net>
Date: 2011-09-28 13:35:00
Message-ID: svn-avb-1317216900-317436-724233991 () svn ! php ! net
[Download RAW message or body]
avb Wed, 28 Sep 2011 13:35:00 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=317436
Log:
Prevent a fatal error when using static element under PHP 5.2.x (bug #18874)
Disallow whitespace characters in id attribute values (request #18683)
Bugs: http://pear.php.net/bugs/18874 (unknown)
http://pear.php.net/bugs/18683 (unknown)
Changed paths:
U pear/packages/HTML_QuickForm2/trunk/HTML/QuickForm2/Element/Static.php
U pear/packages/HTML_QuickForm2/trunk/HTML/QuickForm2/Node.php
U pear/packages/HTML_QuickForm2/trunk/HTML/QuickForm2.php
U pear/packages/HTML_QuickForm2/trunk/tests/QuickForm2/Element/StaticTest.php
U pear/packages/HTML_QuickForm2/trunk/tests/QuickForm2/NodeTest.php
Modified: pear/packages/HTML_QuickForm2/trunk/HTML/QuickForm2/Element/Static.php
===================================================================
--- pear/packages/HTML_QuickForm2/trunk/HTML/QuickForm2/Element/Static.php 2011-09-28 \
13:00:27 UTC (rev 317435)
+++ pear/packages/HTML_QuickForm2/trunk/HTML/QuickForm2/Element/Static.php 2011-09-28 \
13:35:00 UTC (rev 317436) @@ -132,7 +132,7 @@
* @param string|null
* @return HTML_QuickForm2_Element_Static
*/
- public function setName($name = null)
+ public function setName($name)
{
if (null !== $name) {
return parent::setName($name);
Modified: pear/packages/HTML_QuickForm2/trunk/HTML/QuickForm2/Node.php
===================================================================
--- pear/packages/HTML_QuickForm2/trunk/HTML/QuickForm2/Node.php 2011-09-28 13:00:27 \
UTC (rev 317435)
+++ pear/packages/HTML_QuickForm2/trunk/HTML/QuickForm2/Node.php 2011-09-28 13:35:00 \
UTC (rev 317436) @@ -338,11 +338,19 @@
*
* @param string Element's id, will be autogenerated if not given
* @return HTML_QuickForm2_Node
+ * @throws HTML_QuickForm2_InvalidArgumentException if id contains invalid
+ * characters (i.e. spaces)
*/
public function setId($id = null)
{
if (is_null($id)) {
$id = self::generateId($this->getName());
+ // HTML5 specification only disallows having space characters in id,
+ // so we don't do stricter checks here
+ } elseif (strpbrk($id, " \r\n\t\x0C")) {
+ throw new HTML_QuickForm2_InvalidArgumentException(
+ "The value of 'id' attribute should not contain space characters"
+ );
} else {
self::storeId($id);
}
Modified: pear/packages/HTML_QuickForm2/trunk/HTML/QuickForm2.php
===================================================================
--- pear/packages/HTML_QuickForm2/trunk/HTML/QuickForm2.php 2011-09-28 13:00:27 UTC \
(rev 317435)
+++ pear/packages/HTML_QuickForm2/trunk/HTML/QuickForm2.php 2011-09-28 13:35:00 UTC \
(rev 317436) @@ -87,17 +87,13 @@
*/
public function __construct($id, $method = 'post', $attributes = null, \
$trackSubmit = true) {
- $method = ('GET' == strtoupper($method))? 'get': 'post';
- if (empty($id)) {
- $id = self::generateId('');
- $trackSubmit = false;
- } else {
- self::storeId($id);
- }
+ $method = ('GET' == strtoupper($method))? 'get': 'post';
+ $trackSubmit = empty($id) ? false : $trackSubmit;
$this->attributes = array_merge(
self::prepareAttributes($attributes),
- array('id' => (string)$id, 'method' => $method)
+ array('method' => $method)
);
+ parent::setId(empty($id) ? null : $id);
if (!isset($this->attributes['action'])) {
$this->attributes['action'] = $_SERVER['PHP_SELF'];
}
Modified: pear/packages/HTML_QuickForm2/trunk/tests/QuickForm2/Element/StaticTest.php
===================================================================
--- pear/packages/HTML_QuickForm2/trunk/tests/QuickForm2/Element/StaticTest.php 2011-09-28 \
13:00:27 UTC (rev 317435)
+++ pear/packages/HTML_QuickForm2/trunk/tests/QuickForm2/Element/StaticTest.php 2011-09-28 \
13:35:00 UTC (rev 317436) @@ -122,7 +122,7 @@
$this->assertNull($foo->getAttribute('name'));
$bar = new HTML_QuickForm2_Element_Static('bar');
- $bar->setName();
+ $bar->setName(null);
$this->assertNull($bar->getAttribute('name'));
}
Modified: pear/packages/HTML_QuickForm2/trunk/tests/QuickForm2/NodeTest.php
===================================================================
--- pear/packages/HTML_QuickForm2/trunk/tests/QuickForm2/NodeTest.php 2011-09-28 \
13:00:27 UTC (rev 317435)
+++ pear/packages/HTML_QuickForm2/trunk/tests/QuickForm2/NodeTest.php 2011-09-28 \
13:35:00 UTC (rev 317436) @@ -70,8 +70,6 @@
public function getName() { return ''; }
public function setName($name) { }
- public function getId() { return ''; }
- public function setId($id = null) { }
protected function updateValue() { }
@@ -249,5 +247,28 @@
$node = new HTML_QuickForm2_NodeImpl();
$this->assertFalse($node->isRequired());
}
+
+ /**
+ * Disallow spaces in values of 'id' attributes
+ *
+ * @dataProvider invalidIdProvider
+ * @expectedException HTML_QuickForm2_InvalidArgumentException
+ * @link http://pear.php.net/bugs/17576
+ */
+ public function testRequest18683($id)
+ {
+ $node = new HTML_QuickForm2_NodeImpl();
+ $node->setId($id);
+ }
+
+ public static function invalidIdProvider()
+ {
+ return array(
+ array("\x0C"),
+ array(" foo\n"),
+ array("foo\rbar"),
+ array('bar baz')
+ );
+ }
}
?>
--
PEAR CVS Mailing List (http://pear.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic