[pLog-svn] r6566 - plog/branches/lifetype-1.2/class/action/admin

Jon Daley plogworld at jon.limedaley.com
Wed Jun 18 10:15:26 EDT 2008


On Wed, 18 Jun 2008, Jon Daley wrote:
> 	In this case, shouldn't the blogId be validated in the constructor, 
> and then you can do the fancier check in the validate() function?  Is it 
> valid to have a non-integer blogId?  It worries me to have $this->_blogId set 
> to an arbitrary string or whatever.  I'd prefer to see $this->_XXX not used 
> inside the validate function, since people later on would assume that 
> $this->_blogId has been validated, and in this case, it has not.
> 	Maybe I am looking at something wrong, but I think this method 
> currently is still exploitable.

 	Hrm.  Looking at this more, I am confused.  I guess we are using 
the dashboardview as the error view, since we are returning false out of 
the validate method?  And since the dashboard view doesn't use the blogId 
parameter it is okay, but I'd rather see the invalid blogId not saved, in 
case someone assumes it has been validated later on.
 	But, I see that you are right about not having the validator in 
the constructor.  So, all I am saying now is:

1. I think we shouldn't save stuff to $this->XXX inside the validate 
functions, but just use local variables until we know the data is valid.

2. Do we regularly use a "successful" view like the dashboardview as an 
error view?  That wasn't intuitive to me.
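
An added PHP illustration of the pattern asked for in point 1, a validate() that keeps the request value in a local variable until it has been checked, beside the version that stores raw input first. This is not code from LifeType or from the thread; the Request stand-in, the class names and the digits-only rule are assumptions.

```php
<?php
// Minimal stand-in for the request object (constructed for this example only).
class Request
{
    private $params;
    public function __construct(array $params) { $this->params = $params; }
    public function getValue($name) { return isset($this->params[$name]) ? $this->params[$name] : null; }
}

// Pattern objected to: $this->_blogId receives the raw parameter before any check,
// so code that later reads it cannot tell whether validate() actually passed.
class UnsafeBlogAction
{
    public $_blogId;
    public function validate(Request $req)
    {
        $this->_blogId = $req->getValue('blogId');       // stored unvalidated
        return is_numeric($this->_blogId) && $this->_blogId > 0;
    }
}

// Pattern requested: work on a local copy and assign only once it is known valid.
class SafeBlogAction
{
    private $_blogId = null;
    public function validate(Request $req)
    {
        $raw = $req->getValue('blogId');
        // Only a positive integer written as digits is an acceptable blog id.
        if (!is_string($raw) && !is_int($raw)) { return false; }
        if (!preg_match('/^[1-9][0-9]*$/', (string) $raw)) { return false; }
        $this->_blogId = (int) $raw;                     // assigned only when valid
        return true;
    }
    public function getBlogId() { return $this->_blogId; }
}

// Constructed input: a non-integer blogId such as a user could send in the URL.
$bad = new Request(array('blogId' => '12abc'));

$u = new UnsafeBlogAction();
$u->validate($bad);
var_dump($u->_blogId);          // the rejected raw string is still stored in the object

$s = new SafeBlogAction();
var_dump($s->validate($bad));   // validation fails...
var_dump($s->getBlogId());      // ...and nothing unvalidated has been kept
```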


