Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added check if a id in a valid format to the Collection::findById #12012

Merged
merged 1 commit into from
Jul 24, 2016
Merged

Added check if a id in a valid format to the Collection::findById #12012

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,7 @@
- Renamed `Phalcon\Http\Request::isSoapRequest` to `Phalcon\Http\Request::isSoap` and `Phalcon\Http\Request::isSecureRequest` to `Phalcon\Http\Request::isSecure`. Left the originals functions as aliases and marked them deprecated.
- Fixed wildcard inheritance in `Phalcon\Acl\Adapter\Memory` [#12004](https://github.com/phalcon/cphalcon/issues/12004)
- Dropped support of Oracle [#12008](https://github.com/phalcon/cphalcon/issues/12008)
- Improved `Phalcon\Mvc\Collection::findById`. Added check if a `id` in a valid format [#12010](https://github.com/phalcon/cphalcon/issues/12010)

# [2.0.13](https://github.com/phalcon/cphalcon/releases/tag/phalcon-v2.0.13) (2016-05-19)
- Restored `Phalcon\Text::camelize` behavior [#11767](https://github.com/phalcon/cphalcon/issues/11767)
Expand Down
52 changes: 35 additions & 17 deletions phalcon/mvc/collection.zep
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1113,14 +1113,27 @@ abstract class Collection implements EntityInterface, CollectionInterface, Injec
/**
* Find a document by its id (_id)
*
* @param string|\MongoId id
* @return \Phalcon\Mvc\Collection
* <code>
* // Find user by using \MongoId object
* $user = Users::findById(new \MongoId('545eb081631d16153a293a66'));
*
* // Find user by using id as sting
* $user = Users::findById('45cbc4a0e4123f6920000002');
*
* // Validate input
* if ($user = Users::findById($_POST['id'])) {
* // ...
* }
* </code>
*/
public static function findById(id) -> <Collection>
public static function findById(var id) -> <Collection> | null
{
var className, collection, mongoId;

if typeof id != "object" {
if !preg_match("/^[a-f\d]{24}$/i", id) {
return null;
}

let className = get_called_class();

Expand All @@ -1146,23 +1159,28 @@ abstract class Collection implements EntityInterface, CollectionInterface, Injec
* Allows to query the first record that match the specified conditions
*
* <code>
*
* //What's the first robot in the robots table?
* // What's the first robot in the robots table?
* $robot = Robots::findFirst();
* echo "The robot name is ", $robot->name, "\n";
* echo 'The robot name is ', $robot->name, "\n";
*
* //What's the first mechanical robot in robots table?
* $robot = Robots::findFirst(array(
* array("type" => "mechanical")
* ));
* echo "The first mechanical robot name is ", $robot->name, "\n";
* // What's the first mechanical robot in robots table?
* $robot = Robots::findFirst([
* ['type' => 'mechanical']
* ]);
* echo 'The first mechanical robot name is ', $robot->name, "\n";
*
* //Get first virtual robot ordered by name
* $robot = Robots::findFirst(array(
* array("type" => "mechanical"),
* "order" => array("name" => 1)
* ));
* echo "The first virtual robot name is ", $robot->name, "\n";
* // Get first virtual robot ordered by name
* $robot = Robots::findFirst([
* ['type' => 'mechanical'],
* 'order' => ['name' => 1]
* ]);
* echo 'The first virtual robot name is ', $robot->name, "\n";
*
* // Get first robot by id (_id)
* $robot = Robots::findFirst([
* ['_id' => new \MongoId('45cbc4a0e4123f6920000002')]
* ]);
* echo 'The robot id is ', $robot->_id, "\n";
* </code>
*/
public static function findFirst(array parameters = null) -> array
Expand Down
4 changes: 2 additions & 2 deletions tests/_data/collections/Songs.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@
/**
* Songs Collection
*
* @method static Songs[] find($parameters = null)
* @method static Songs findFirst($parameters = null)
* @method static Songs[] find(array $parameters = null)
* @method static Songs findFirst(array $parameters = null)
*
* @property \MongoId _id
* @property string artist
Expand Down
2 changes: 1 addition & 1 deletion tests/_support/Helper/Collection.php → tests/_support/Helper/CollectionTrait.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
*
* @package Helper
*/
trait Collection
trait CollectionTrait
{
/**
* Executed before each test
Expand Down
4 changes: 2 additions & 2 deletions tests/integration/Mvc/Collection/BehaviorCest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

namespace Phalcon\Test\Integration\Mvc\Collection;

use Helper\Collection;
use Helper\CollectionTrait;
use IntegrationTester;
use Phalcon\Test\Collections\Subs;

Expand All @@ -25,7 +25,7 @@
*/
class BehaviorCest
{
use Collection;
use CollectionTrait;

public function behaviors(IntegrationTester $I)
{
Expand Down
4 changes: 2 additions & 2 deletions tests/unit/Mvc/Collection/ClassChangeCest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
namespace Phalcon\Test\Unit\Mvc\Collection;

use UnitTester;
use Helper\Collection;
use Helper\CollectionTrait;
use Phalcon\Mvc\Collection\Exception;
use Phalcon\Test\Collections\Bookshelf\Books;

Expand All @@ -26,7 +26,7 @@
*/
class ClassChangeCest
{
use Collection;
use CollectionTrait;

public function change(UnitTester $I)
{
Expand Down
36 changes: 34 additions & 2 deletions tests/unit/Mvc/CollectionTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

namespace Phalcon\Test\Unit\Mvc;

use Helper\Collection;
use Helper\CollectionTrait;
use Phalcon\Test\Module\UnitTest;
use Phalcon\Test\Collections\Songs;

Expand All @@ -25,7 +25,7 @@
*/
class CollectionTest extends UnitTest
{
use Collection;
use CollectionTrait;

/**
* executed before each test
Expand Down Expand Up @@ -296,6 +296,38 @@ function () {
);
}

/**
* Tests Collection::findById
*
* @author Serghei Iakovlev <serghei@phalconphp.com>
* @since 2016-07-24
* @issue 12010
*/
public function testShouldUseCorrectMongoId()
{
$this->specify(
'The Collection::findById does not return expected result',
function () {
$song = new Songs();
$song->artist = 'Jo Blankenburg';
$song->name = 'Valkyrie';
$song->create();

$mongoIdObject = $song->_id;

expect(Songs::findById($mongoIdObject->__toString()))->isInstanceOf('\Phalcon\Mvc\CollectionInterface');
expect(Songs::findById($mongoIdObject))->isInstanceOf('\Phalcon\Mvc\CollectionInterface');

expect(Songs::findById('qwerty-1234'))->null();
expect(Songs::findById('s'))->null();
expect(Songs::findById(str_repeat('0', 25)))->null();
expect(Songs::findById(''))->null();
expect(Songs::findById(null))->null();
expect(Songs::findById(false))->null();
}
);
}

protected function createDocument(array $fields)
{
$song = new Songs();
Expand Down