Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--phpBB/includes/acp/acp_groups.php18
-rw-r--r--phpBB/includes/functions_user.php27
-rw-r--r--phpBB/includes/ucp/ucp_groups.php7
-rw-r--r--phpBB/language/en/common.php1
-rw-r--r--phpBB/styles/prosilver/template/ucp_groups_manage.html2
-rw-r--r--tests/functional/acp_groups_test.php21
-rw-r--r--tests/functional/common_groups_test.php55
-rw-r--r--tests/functional/ucp_groups_test.php21
8 files changed, 145 insertions, 7 deletions
diff --git a/phpBB/includes/acp/acp_groups.php b/phpBB/includes/acp/acp_groups.php
index beb7aefee5..83c355540e 100644
--- a/phpBB/includes/acp/acp_groups.php
+++ b/phpBB/includes/acp/acp_groups.php
@@ -413,13 +413,21 @@ class acp_groups
}
}
- // Validate the length of "Maximum number of allowed recipients per private message" setting.
- // We use 16777215 as a maximum because it matches MySQL unsigned mediumint maximum value
- // which is the lowest amongst DBMSes supported by phpBB3
- if ($max_recipients_error = validate_data($submit_ary, array('max_recipients' => array('num', false, 0, 16777215))))
+ /*
+ * Validate the length of "Maximum number of allowed recipients per
+ * private message" setting. We use 16777215 as a maximum because it matches
+ * MySQL unsigned mediumint maximum value which is the lowest amongst DBMSes
+ * supported by phpBB3. Also validate the submitted colour value.
+ */
+ $validation_checks = array(
+ 'max_recipients' => array('num', false, 0, 16777215),
+ 'colour' => array('hex_colour', true),
+ );
+
+ if ($validation_error = validate_data($submit_ary, $validation_checks))
{
// Replace "error" string with its real, localised form
- $error = array_merge($error, array_map(array(&$user, 'lang'), $max_recipients_error));
+ $error = array_merge($error, array_map(array(&$user, 'lang'), $validation_error));
}
if (!sizeof($error))
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 5a6a0b4a05..61972c3876 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -1247,8 +1247,9 @@ function validate_data($data, $val_ary)
{
$function = array_shift($validate);
array_unshift($validate, $data[$var]);
+ $function_prefix = (function_exists('phpbb_validate_' . $function)) ? 'phpbb_validate_' : 'validate';
- if ($result = call_user_func_array('validate_' . $function, $validate))
+ if ($result = call_user_func_array($function_prefix . $function, $validate))
{
// Since errors are checked later for their language file existence, we need to make sure custom errors are not adjusted.
$error[] = (empty($user->lang[$result . '_' . strtoupper($var)])) ? $result : $result . '_' . strtoupper($var);
@@ -1899,6 +1900,30 @@ function validate_jabber($jid)
}
/**
+* Validate hex colour value
+*
+* @param string $colour The hex colour value
+* @param bool $optional Whether the colour value is optional. True if an empty
+* string will be accepted as correct input, false if not.
+* @return bool|string Error message if colour value is incorrect, false if it
+* fits the hex colour code
+*/
+function phpbb_validate_hex_colour($colour, $optional = false)
+{
+ if (empty($colour))
+ {
+ return (($optional) ? false : 'WRONG_DATA');
+ }
+
+ if (!preg_match('/^([0-9a-fA-F]{6}|[0-9a-fA-F]{3})$/', $colour))
+ {
+ return 'WRONG_DATA';
+ }
+
+ return false;
+}
+
+/**
* Verifies whether a style ID corresponds to an active style.
*
* @param int $style_id The style_id of a style which should be checked if activated or not.
diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php
index d62dbb1866..9365913541 100644
--- a/phpBB/includes/ucp/ucp_groups.php
+++ b/phpBB/includes/ucp/ucp_groups.php
@@ -595,6 +595,13 @@ class ucp_groups
$error[] = $user->lang['FORM_INVALID'];
}
+ // Validate submitted colour value
+ if ($colour_error = validate_data($submit_ary, array('colour' => array('hex_colour', true))))
+ {
+ // Replace "error" string with its real, localised form
+ $error = array_merge($error, array_map(array(&$user, 'lang'), $colour_error));
+ }
+
if (!sizeof($error))
{
// Only set the rank, colour, etc. if it's changed or if we're adding a new
diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php
index baf398b146..c986e8213d 100644
--- a/phpBB/language/en/common.php
+++ b/phpBB/language/en/common.php
@@ -722,6 +722,7 @@ $lang = array_merge($lang, array(
'WHO_IS_ONLINE' => 'Who is online',
'WRONG_PASSWORD' => 'You entered an incorrect password.',
+ 'WRONG_DATA_COLOUR' => 'The colour value you entered is invalid.',
'WRONG_DATA_ICQ' => 'The number you entered is not a valid ICQ number.',
'WRONG_DATA_JABBER' => 'The name you entered is not a valid Jabber account name.',
'WRONG_DATA_LANG' => 'The language you specified is not valid.',
diff --git a/phpBB/styles/prosilver/template/ucp_groups_manage.html b/phpBB/styles/prosilver/template/ucp_groups_manage.html
index a58829f99f..c90461312e 100644
--- a/phpBB/styles/prosilver/template/ucp_groups_manage.html
+++ b/phpBB/styles/prosilver/template/ucp_groups_manage.html
@@ -54,7 +54,7 @@
<fieldset>
<dl>
<dt><label for="group_colour">{L_GROUP_COLOR}:</label><br /><span>{L_GROUP_COLOR_EXPLAIN}</span></dt>
- <dd><input name="group_colour" type="text" id="group_colour" value="{GROUP_COLOUR}" size="7" maxlength="7" class="inputbox narrow" /> <span style="background-color: {GROUP_COLOUR};">&nbsp;&nbsp;&nbsp;</span> [ <a href="{U_SWATCH}" onclick="popup(this.href, 636, 150, '_swatch'); return false;">{L_COLOUR_SWATCH}</a> ]</dd>
+ <dd><input name="group_colour" type="text" id="group_colour" value="{GROUP_COLOUR}" size="6" maxlength="6" class="inputbox narrow" /> <span style="background-color: {GROUP_COLOUR};">&nbsp;&nbsp;&nbsp;</span> [ <a href="{U_SWATCH}" onclick="popup(this.href, 636, 150, '_swatch'); return false;">{L_COLOUR_SWATCH}</a> ]</dd>
</dl>
<dl>
<dt><label for="group_rank">{L_GROUP_RANK}:</label></dt>
diff --git a/tests/functional/acp_groups_test.php b/tests/functional/acp_groups_test.php
new file mode 100644
index 0000000000..3d8cabb086
--- /dev/null
+++ b/tests/functional/acp_groups_test.php
@@ -0,0 +1,21 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2013 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+require_once dirname(__FILE__) . '/common_groups_test.php';
+
+/**
+* @group functional
+*/
+class phpbb_functional_acp_groups_test extends phpbb_functional_common_groups_test
+{
+ protected function get_url()
+ {
+ return 'adm/index.php?i=groups&mode=manage&action=edit';
+ }
+}
diff --git a/tests/functional/common_groups_test.php b/tests/functional/common_groups_test.php
new file mode 100644
index 0000000000..02a538d46e
--- /dev/null
+++ b/tests/functional/common_groups_test.php
@@ -0,0 +1,55 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2013 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+/**
+* @group functional
+*/
+abstract class phpbb_functional_common_groups_test extends phpbb_functional_test_case
+{
+ abstract protected function get_url();
+
+ public function groups_manage_test_data()
+ {
+ return array(
+ array('#AA0000', 'WRONG_DATA_COLOUR'),
+ array('AA0000', 'GROUP_UPDATED'),
+ array('AA0000v', 'WRONG_DATA_COLOUR'),
+ array('AA00000', 'WRONG_DATA_COLOUR'),
+ array('vAA0000', 'WRONG_DATA_COLOUR'),
+ array('AAG000','WRONG_DATA_COLOUR'),
+ array('a00', 'GROUP_UPDATED'),
+ array('ag0', 'WRONG_DATA_COLOUR'),
+ array('#aa0', 'WRONG_DATA_COLOUR'),
+ array('AA0000 ', 'GROUP_UPDATED'),
+ array('AA0000 abf', 'WRONG_DATA_COLOUR'),
+ array('AA0000 AA0000', 'WRONG_DATA_COLOUR'),
+ array('', 'GROUP_UPDATED'),
+ array('000', 'GROUP_UPDATED'),
+ array('000000', 'GROUP_UPDATED'),
+ );
+ }
+
+ /**
+ * @dataProvider groups_manage_test_data
+ */
+ public function test_groups_manage($input, $expected)
+ {
+ $this->login();
+ $this->admin_login();
+ $this->add_lang(array('ucp', 'acp/groups'));
+
+ // Manage Administrators group
+ $crawler = $this->request('GET', $this->get_url() . '&g=5&sid=' . $this->sid);
+ $this->assert_response_success();
+ $form = $crawler->selectButton($this->lang('SUBMIT'))->form();
+ $form['group_colour']->setValue($input);
+ $crawler = $this->client->submit($form);
+ $this->assertContains($this->lang($expected), $crawler->text());
+ }
+}
diff --git a/tests/functional/ucp_groups_test.php b/tests/functional/ucp_groups_test.php
new file mode 100644
index 0000000000..9c6b1edc5e
--- /dev/null
+++ b/tests/functional/ucp_groups_test.php
@@ -0,0 +1,21 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2013 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+require_once dirname(__FILE__) . '/common_groups_test.php';
+
+/**
+* @group functional
+*/
+class phpbb_functional_ucp_groups_test extends phpbb_functional_common_groups_test
+{
+ protected function get_url()
+ {
+ return 'ucp.php?i=groups&mode=manage&action=edit';
+ }
+}