From 7b10f859decdb5d97ffe97e647db52f29f4661f8 Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Thu, 2 Jun 2011 08:45:48 +0200 Subject: [ticket/10005] Add validation of dropdown custom profile field values PHPBB3-10005 --- phpBB/includes/functions_profile_fields.php | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/functions_profile_fields.php') diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 78fe049f40..1eae2a9ad6 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -149,7 +149,18 @@ class custom_profile case FIELD_DROPDOWN: $field_value = (int) $field_value; - + + // retrieve option lang data if necessary + if (!isset($this->options_lang[$field_data['field_id']]) || !isset($this->options_lang[$field_data['field_id']][$field_data['lang_id']]) || !sizeof($this->options_lang[$file_data['field_id']][$field_data['lang_id']])) + { + $this->get_option_lang($field_data['field_id'], $field_data['lang_id'], FIELD_DROPDOWN, false); + } + + if (!isset($this->options_lang[$field_data['field_id']][$field_data['lang_id']][$field_value])) + { + return 'FIELD_INVALID_VALUE'; + } + if ($field_value == $field_data['field_novalue'] && $field_data['field_required']) { return 'FIELD_REQUIRED'; @@ -302,6 +313,7 @@ class custom_profile switch ($cp_result) { case 'FIELD_INVALID_DATE': + case 'FIELD_INVALID_VALUE': case 'FIELD_REQUIRED': $error = sprintf($user->lang[$cp_result], $row['lang_name']); break; -- cgit v1.2.1 From 99164cd20b9d8ca77b1e9a54e0958cdb580945d0 Mon Sep 17 00:00:00 2001 From: rxu Date: Mon, 17 Jan 2011 00:01:04 +0700 Subject: [ticket/9831] Correctly store checkbox default value for boolean CPF. PHPBB3-9831 --- phpBB/includes/functions_profile_fields.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions_profile_fields.php') diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 1eae2a9ad6..7874608009 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -625,10 +625,10 @@ class custom_profile $profile_row['field_ident'] = (isset($profile_row['var_name'])) ? $profile_row['var_name'] : 'pf_' . $profile_row['field_ident']; $user_ident = $profile_row['field_ident']; - // checkbox - only testing for isset + // checkbox - set the value to "true" if it has been set to 1 if ($profile_row['field_type'] == FIELD_BOOL && $profile_row['field_length'] == 2) { - $value = (isset($_REQUEST[$profile_row['field_ident']])) ? true : ((!isset($user->profile_fields[$user_ident]) || $preview) ? $default_value : $user->profile_fields[$user_ident]); + $value = (isset($_REQUEST[$profile_row['field_ident']]) && request_var($profile_row['field_ident'], $default_value) == 1) ? true : ((!isset($user->profile_fields[$user_ident]) || $preview) ? $default_value : $user->profile_fields[$user_ident]); } else if ($profile_row['field_type'] == FIELD_INT) { -- cgit v1.2.1 From 345e8e084fd5ab7f99442ce6515a786a90806e2e Mon Sep 17 00:00:00 2001 From: rxu Date: Fri, 10 Feb 2012 00:31:13 +0800 Subject: [ticket/9084] Don't hide 'non-entered' dropdown CPF value if not required PHPBB3-9084 --- phpBB/includes/functions_profile_fields.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions_profile_fields.php') diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 1eae2a9ad6..79701429e6 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -571,7 +571,7 @@ class custom_profile $this->get_option_lang($field_id, $lang_id, FIELD_DROPDOWN, false); } - if ($value == $ident_ary['data']['field_novalue']) + if ($value == $ident_ary['data']['field_novalue'] && $ident_ary['data']['field_required']) { return NULL; } -- cgit v1.2.1 From cd61de4bfdd1818d173e7413e53d8fd3d7ce1913 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Fri, 9 Mar 2012 04:31:03 -0500 Subject: [ticket/9084] Explain the logic. PHPBB3-9084 --- phpBB/includes/functions_profile_fields.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'phpBB/includes/functions_profile_fields.php') diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 79701429e6..d44be16184 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -571,6 +571,11 @@ class custom_profile $this->get_option_lang($field_id, $lang_id, FIELD_DROPDOWN, false); } + // If a dropdown field is required, users + // cannot choose the "no value" option. + // They must choose one of the other options. + // Therefore, here we treat a value equal to + // the "no value" as a lack of value, i.e. NULL. if ($value == $ident_ary['data']['field_novalue'] && $ident_ary['data']['field_required']) { return NULL; -- cgit v1.2.1