[Bese-devel] fixed bug in validate-number-field
Eugene Tyurin
etyurin at comcast.net
Sat Feb 5 18:06:26 UTC 2005
Hi!
This prevents someone from sabotaging the application by inputting a
non-numeric string into number-field.
Also, I left (if (eql +unitialized+ lisp-value t) as is and added extra
numberp test. But should'nt validator return nil if the lisp-value is
still unitialized?
--ET.
--- src/components/form.lisp 2005-02-02 23:04:11.000000000 -0500
+++ ../../tmp/form-ent.lisp 2005-02-05 13:01:55.000000000 -0500
@@ -112,17 +112,20 @@
number
(if (eql +uninitialized+ lisp-value)
t
+ (if (numberp lisp-value)
(cond
((and min-value max-value)
(< min-value lisp-value max-value))
(min-value (< min-value lisp-value))
(max-value (< lisp-value max-value))
- (t lisp-value)))))
+ (t lisp-value))
+ nil))))
(defmethod read-client-value :around ((number number-field))
(unless (or (null (client-value number))
(string= "" (client-value number)))
- (call-next-method)))
+ (ignore-errors ; returns NIL in case of SIMPLE-PARSE-ERROR
+ (call-next-method))))
(defmethod render-on ((res response) (n number-field))
(<ucw:input :type "text" :accessor (client-value n)))
More information about the bese-devel
mailing list