MAPG-235 challenge token related error handling

This commit is contained in:
Balázs Vigh 2021-05-20 08:31:52 +02:00
parent 3b98570f6d
commit bbb66ca979
3 changed files with 18 additions and 0 deletions

View File

@ -107,6 +107,10 @@ class GameController
{ {
// create Challenge // create Challenge
$challengeToken = rand(); $challengeToken = rand();
while ($this->challengeRepository->getByToken($challengeToken)) {
// if a challenge with the same token already exists
$challengeToken = rand();
}
$challenge = new Challenge(); $challenge = new Challenge();
$challenge->setToken($challengeToken); $challenge->setToken($challengeToken);

View File

@ -31,6 +31,13 @@ class ChallengeRepository
public function getByTokenStr(string $token_str): ?Challenge public function getByTokenStr(string $token_str): ?Challenge
{ {
// validate token string
foreach (str_split($token_str) as $char) {
if (!(('0' <= $char && $char <= '9') || ('a' <= $char && $char <= 'f'))) {
return null;
}
}
// convert token to int
$token = hexdec($token_str); $token = hexdec($token_str);
return $this->getByToken($token); return $this->getByToken($token);

View File

@ -48,6 +48,13 @@ class UserInChallengeRepository
$withRelations = array_unique(array_merge($withRelations, $necessaryRelations)); $withRelations = array_unique(array_merge($withRelations, $necessaryRelations));
} }
// validate token string
foreach (str_split($token_str) as $char) {
if (!(('0' <= $char && $char <= '9') || ('a' <= $char && $char <= 'f'))) {
return null;
}
}
// convert token to int
$token = hexdec($token_str); $token = hexdec($token_str);
$select = new Select(\Container::$dbConnection); $select = new Select(\Container::$dbConnection);