fix(selectfield): too many unescaping

btry · btry · commit 706b70faa2a1 · 2022-10-24T15:55:50.000+02:00
diff --git a/inc/field/selectfield.class.php b/inc/field/selectfield.class.php
@@ -116,7 +116,6 @@ public function isValidValue($value): bool {
       if ($value == '0') {
          return true;
       }
-      $value = Toolbox::stripslashes_deep($value);
       $value = trim($value);
       return in_array($value, $this->getAvailableValues());
    }
diff --git a/tests/3-unit/GlpiPlugin/Formcreator/Field/SelectField.php b/tests/3-unit/GlpiPlugin/Formcreator/Field/SelectField.php
@@ -252,6 +252,55 @@ public function testGetEmptyParameters() {
          ->isIdenticalTo([]);
    }
 
+   public function providerIsValidValue() {
+      $instance = $this->newTestedInstance($this->getQuestion([
+         'fieldtype' => 'select',
+         'values'    => implode('\r\n', ['1', '2', '3', '4']),
+      ]));
+      yield [
+         'instance' => $instance,
+         'value'    => '',
+         'expected' => false,
+      ];
+      yield [
+         'instance' => $instance,
+         'value'    => '1',
+         'expected' => true,
+      ];
+      yield [
+         'instance' => $instance,
+         'value'    => '9',
+         'expected' => false,
+      ];
+
+      // values are escaped by GLPI, then backslashes are doubled
+      $instance = $this->newTestedInstance($this->getQuestion([
+         'fieldtype' => 'select',
+         'values'    => implode('\r\n', ['X:\\\\path\\\\to\\\\file', 'nothing']),
+         '_parameters'        => [
+            'checkboxes'         => [
+               'range'              => [
+                  'range_min'          => '',
+                  'range_max'          => '',
+               ]
+            ]
+         ],
+      ]));
+      yield [
+         'instance' => $instance,
+         'value'    => 'X:\\path\\to\\file',
+         'expected' => true,
+      ];
+   }
+
+   /**
+    * @dataProvider providerIsValidValue
+    */
+   public function testIsValidValue($instance, $value, $expected) {
+      $output = $instance->isValidValue($value);
+      $this->boolean($output)->isEqualTo($expected);
+   }
+
    public function providerSerializeValue() {
       return [
          [

Original file line number	Diff line number	Diff line change
`@@ -116,7 +116,6 @@ public function isValidValue($value): bool {`
`116`	`116`	`if ($value == '0') {`
`117`	`117`	`return true;`
`118`	`118`	`}`
`119`		`- $value = Toolbox::stripslashes_deep($value);`
`120`	`119`	`$value = trim($value);`
`121`	`120`	`return in_array($value, $this->getAvailableValues());`
`122`	`121`	`}`