MAPG-235 challenge token related error handling

This commit is contained in:
Balázs Vigh 2021-05-20 08:31:52 +02:00
parent 3b98570f6d
commit bbb66ca979
3 changed files with 18 additions and 0 deletions

View File

@ -107,6 +107,10 @@ class GameController
{
// create Challenge
$challengeToken = rand();
while ($this->challengeRepository->getByToken($challengeToken)) {
// if a challenge with the same token already exists
$challengeToken = rand();
}
$challenge = new Challenge();
$challenge->setToken($challengeToken);

View File

@ -31,6 +31,13 @@ class ChallengeRepository
public function getByTokenStr(string $token_str): ?Challenge
{
// validate token string
foreach (str_split($token_str) as $char) {
if (!(('0' <= $char && $char <= '9') || ('a' <= $char && $char <= 'f'))) {
return null;
}
}
// convert token to int
$token = hexdec($token_str);
return $this->getByToken($token);

View File

@ -48,6 +48,13 @@ class UserInChallengeRepository
$withRelations = array_unique(array_merge($withRelations, $necessaryRelations));
}
// validate token string
foreach (str_split($token_str) as $char) {
if (!(('0' <= $char && $char <= '9') || ('a' <= $char && $char <= 'f'))) {
return null;
}
}
// convert token to int
$token = hexdec($token_str);
$select = new Select(\Container::$dbConnection);