jonny/jonnybarnes.uk
1
0
Fork 0
Code Issues 5 Pull requests Projects Releases 5 Packages Wiki Activity Actions

Merge pull request #905 from jonnybarnes/904-specific-notes-link-causing-numeric-value-out-of-range-sql-error

Browse source 
refactor: Improve note ID validation and error handling
This commit is contained in:
Jonny Barnes 2023-06-11 14:19:28 +01:00 committed by GitHub
commit 7edac37e16
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 14 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
app/Models/Note.php
View file

@ -286,6 +286,13 @@ class Note extends Model
*/ */
public function scopeNb60(Builder $query, string $nb60id): Builder public function scopeNb60(Builder $query, string $nb60id): Builder
{ {
$realId = resolve(Numbers::class)->b60tonum($nb60id);
// Check nb60 does not translate to ID too big for database int4 column
if ($realId > 2_147_483_647) {
abort(404);
}
return $query->where('id', resolve(Numbers::class)->b60tonum($nb60id)); return $query->where('id', resolve(Numbers::class)->b60tonum($nb60id));
} }

BIN
public/assets/app.js.br
View file

Binary file not shown.

7
tests/Feature/NotesControllerTest.php
View file

@ -73,4 +73,11 @@ class NotesControllerTest extends TestCase
$response = $this->get('/notes/112233'); $response = $this->get('/notes/112233');
$response->assertNotFound(); $response->assertNotFound();
} }
/** @test */
public function checkNoteIdNotOutOfRange(): void
{
$response = $this->get('/notes/photou-photologo');
$response->assertNotFound();
}
} }