maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Merge pull request from GHSA-625g-fm5w-w7w4

Browse Source 
* fix possibility to have empty name/surname and empty company

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

* let js validation for customer add/edit form also trim() entered data to avoid empty values pass the client-side validation

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

---------

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2023-12-15 09:36:06 +01:00
committed by GitHub
parent 778fd3ba65
commit 4b1846883d
2 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/Froxlor/Api/Commands/Customers.php
View File

@@ -1053,7 +1053,7 @@ class Customers extends ApiCommand implements ResourceEntity
$email = $this->getParam('email', true, $idna_convert->decode($result['email']));
$name = $this->getParam('name', true, $result['name']);
$firstname = $this->getParam('firstname', true, $result['firstname']);
$company_required = empty($result['company']) && ((!empty($name) && empty($firstname)) || (empty($name) && !empty($firstname)) || (empty($name) && empty($firstname)));
$company_required = (!empty($name) && empty($firstname)) || (empty($name) && !empty($firstname)) || (empty($name) && empty($firstname));
$company = $this->getParam('company', !$company_required, $result['company']);
$street = $this->getParam('street', true, $result['street']);
$zipcode = $this->getParam('zipcode', true, $result['zipcode']);

8
templates/Froxlor/assets/js/jquery/validation.js vendored
View File

@@ -8,18 +8,18 @@ export default function () {
rules: {
'name': {
required: function () {
return $('#company').val().length === 0 || $('#firstname').val().length > 0;
return $('#company').val().trim().length === 0 || $('#firstname').val().trim().length > 0;
}
},
'firstname': {
required: function () {
return $('#company').val().length === 0 || $('#name').val().length > 0;
return $('#company').val().trim().length === 0 || $('#name').val().trim().length > 0;
}
},
'company': {
required: function () {
return $('#name').val().length === 0
&& $('#firstname').val().length === 0;
return $('#name').val().trim().length === 0
&& $('#firstname').val().trim().length === 0;
}
}
},