Issue 11508: Sanitizing date fields for events and polls

This commit is contained in:
Michael 2022-05-15 18:00:19 +00:00
parent 44291a465b
commit 5af7c30026

View file

@ -170,7 +170,7 @@ class Processor
} }
if (!empty($activity['question']['end-time'])) { if (!empty($activity['question']['end-time'])) {
$question['end-time'] = $activity['question']['end-time']; $question['end-time'] = DateTimeFormat::utc($activity['question']['end-time']);
} }
Post\Question::update($item['uri-id'], $question); Post\Question::update($item['uri-id'], $question);
@ -238,8 +238,12 @@ class Processor
$event['edited'] = DateTimeFormat::utc($activity['updated']); $event['edited'] = DateTimeFormat::utc($activity['updated']);
$event['summary'] = HTML::toBBCode($activity['name']); $event['summary'] = HTML::toBBCode($activity['name']);
$event['desc'] = HTML::toBBCode($activity['content']); $event['desc'] = HTML::toBBCode($activity['content']);
$event['start'] = $activity['start-time']; if (!empty($activity['start-time'])) {
$event['finish'] = $activity['end-time']; $event['start'] = DateTimeFormat::utc($activity['start-time']);
}
if (!empty($activity['end-time'])) {
$event['finish'] = DateTimeFormat::utc($activity['end-time']);
}
$event['nofinish'] = empty($event['finish']); $event['nofinish'] = empty($event['finish']);
$event['location'] = $activity['location']; $event['location'] = $activity['location'];
@ -558,8 +562,12 @@ class Processor
{ {
$event['summary'] = HTML::toBBCode($activity['name'] ?: $activity['summary']); $event['summary'] = HTML::toBBCode($activity['name'] ?: $activity['summary']);
$event['desc'] = HTML::toBBCode($activity['content']); $event['desc'] = HTML::toBBCode($activity['content']);
$event['start'] = $activity['start-time']; if (!empty($activity['start-time'])) {
$event['finish'] = $activity['end-time']; $event['start'] = DateTimeFormat::utc($activity['start-time']);
}
if (!empty($activity['end-time'])) {
$event['finish'] = DateTimeFormat::utc($activity['end-time']);
}
$event['nofinish'] = empty($event['finish']); $event['nofinish'] = empty($event['finish']);
$event['location'] = $activity['location']; $event['location'] = $activity['location'];
$event['cid'] = $item['contact-id']; $event['cid'] = $item['contact-id'];