Merge pull request #136 from guillegiu/master

fix bug #83
Guillermo Giuliana 2018-01-17 22:10:28 -03:00 committed by GitHub
commit f211bd9cea
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 34 additions and 22 deletions


@ -16,7 +16,6 @@ use Respect\Validation\Validator as DataValidator;
* @apiParam {String} name Name of the new department. * @apiParam {String} name Name of the new department.
* *
* @apiUse NO_PERMISSION * @apiUse NO_PERMISSION
* @apiUse INVALID_NAME
* *
* @apiSuccess {Object} data Empty object * @apiSuccess {Object} data Empty object
* *
@ -29,20 +28,15 @@ class AddDepartmentController extends Controller {
public function validations() { public function validations() {
return [ return [
'permission' => 'staff_3', 'permission' => 'staff_3',
'requestData' => [ 'requestData' => []
'name' => [
'validation' => DataValidator::alnum(),
'error' => ERRORS::INVALID_NAME
]
]
]; ];
} }
public function handler() { public function handler() {
$name = Controller::request('name'); $name = htmlentities(Controller::request('name'));
$departmentInstance = new Department(); $departmentInstance = new Department();
$departmentInstance->setProperties([ $departmentInstance->setProperties([
'name' => $name, 'name' => $name,
]); ]);
@ -53,4 +47,4 @@ class AddDepartmentController extends Controller {
Response::respondSuccess(); Response::respondSuccess();
} }
} }
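Review bot: In handler(), `htmlentities(Controller::request('name'))` is called without flags or charset, so on PHP versions before 8.1 single quotes are left unencoded and the result depends on the configured default charset; `$name = htmlentities(Controller::request('name'), ENT_QUOTES, 'UTF-8');` makes this explicit, and the same applies to the title and content assignments in CreateController::handler(). Encoding before storage also means the database holds entity-encoded text, so a consumer that renders it outside HTML or escapes it again will show or double-encode the entities; escaping at output is the more robust place for this. Separately, validations() now has `'requestData' => []`, so an empty or arbitrarily long name is accepted. A length bound such as `'validation' => DataValidator::length(1, 200)` (bounds constructed here), reported with the existing `ERRORS::INVALID_NAME`, would keep a check without rejecting non-alphanumeric names.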


@ -68,7 +68,7 @@ class CreateController extends Controller {
] ]
] ]
]; ];
if(!Controller::isUserSystemEnabled()) { if(!Controller::isUserSystemEnabled()) {
$validations['permission'] = 'any'; $validations['permission'] = 'any';
$validations['requestData']['captcha'] = [ $validations['requestData']['captcha'] = [
@ -80,13 +80,13 @@ class CreateController extends Controller {
'error' => ERRORS::INVALID_EMAIL 'error' => ERRORS::INVALID_EMAIL
]; ];
} }
return $validations; return $validations;
} }
public function handler() { public function handler() {
$this->title = Controller::request('title'); $this->title = htmlentities(Controller::request('title'));
$this->content = Controller::request('content', true); $this->content = htmlentities(Controller::request('content', true));
$this->departmentId = Controller::request('departmentId'); $this->departmentId = Controller::request('departmentId');
$this->language = Controller::request('language'); $this->language = Controller::request('language');
$this->email = Controller::request('email'); $this->email = Controller::request('email');
@ -97,7 +97,7 @@ class CreateController extends Controller {
if(!Controller::isUserSystemEnabled()) { if(!Controller::isUserSystemEnabled()) {
$this->sendMail(); $this->sendMail();
} }
$staffs = Staff::find('send_email_on_new_ticket = 1'); $staffs = Staff::find('send_email_on_new_ticket = 1');
foreach ($staffs as $staff) { foreach ($staffs as $staff) {
if($staff->sharedDepartmentList->includesId(Controller::request('departmentId'))) { if($staff->sharedDepartmentList->includesId(Controller::request('departmentId'))) {
@ -132,19 +132,19 @@ class CreateController extends Controller {
'authorName' => $this->name, 'authorName' => $this->name,
'authorEmail' => $this->email 'authorEmail' => $this->email
)); ));
if(Controller::isUserSystemEnabled()) { if(Controller::isUserSystemEnabled()) {
$author->sharedTicketList->add($ticket); $author->sharedTicketList->add($ticket);
$author->tickets++; $author->tickets++;
$this->email = $author->email; $this->email = $author->email;
$this->name = $author->name; $this->name = $author->name;
$author->store(); $author->store();
} }
$ticket->store(); $ticket->store();
$this->ticketNumber = $ticket->ticketNumber; $this->ticketNumber = $ticket->ticketNumber;
} }
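Review bot: handler() encodes only title and content; `$this->language` and `$this->email` are still assigned straight from the request, and a later hunk stores `'authorName' => $this->name` on the ticket, where the assignment of name is outside the visible hunks. If the intent is that every stored user-supplied string is safe to render, name needs checking as well. It is also worth confirming what the `true` argument in `Controller::request('content', true)` does: if it already sanitises the value or permits rich-text markup, wrapping it in htmlentities() may double-process the content or flatten formatting the client expects. The function bodies continue outside the hunks shown.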


@ -70,6 +70,7 @@ class MailSender {
$this->mailerInstance->From = $this->mailOptions['from']; $this->mailerInstance->From = $this->mailOptions['from'];
$this->mailerInstance->FromName = $this->mailOptions['fromName']; $this->mailerInstance->FromName = $this->mailOptions['fromName'];
$this->mailerInstance->CharSet = 'UTF-8';
$this->mailerInstance->isSMTP(); $this->mailerInstance->isSMTP();
$this->mailerInstance->SMTPAuth = true; $this->mailerInstance->SMTPAuth = true;


@ -2,7 +2,7 @@ describe'system/add-department' do
request('/user/logout') request('/user/logout')
Scripts.login($staff[:email], $staff[:password], true) Scripts.login($staff[:email], $staff[:password], true)
it 'should add department' do it 'should add department with alphanumeric characters' do
result = request('/system/add-department', { result = request('/system/add-department', {
csrf_userid: $csrf_userid, csrf_userid: $csrf_userid,
csrf_token: $csrf_token, csrf_token: $csrf_token,
@ -18,4 +18,21 @@ describe'system/add-department' do
lastLog = $database.getLastRow('log') lastLog = $database.getLastRow('log')
(lastLog['type']).should.equal('ADD_DEPARTMENT') (lastLog['type']).should.equal('ADD_DEPARTMENT')
end end
it 'should add department with html tag' do
result = request('/system/add-department', {
csrf_userid: $csrf_userid,
csrf_token: $csrf_token,
name: '<b>new department</b>'
})
(result['status']).should.equal('success')
row = $database.getRow('department', 5, 'id')
(row['name']).should.equal('&lt;b&gt;new department&lt;/b&gt;')
lastLog = $database.getLastRow('log')
(lastLog['type']).should.equal('ADD_DEPARTMENT')
end
end end
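Review bot: The new case reads the row with `$database.getRow('department', 5, 'id')`, which ties the assertion to how many departments earlier specs created. Fetching the row just inserted, e.g. `row = $database.getLastRow('department')` (getLastRow is already used for the log table in this spec), keeps the test independent of ordering. The case also covers only angle brackets; a name containing `'`, `"` and `&` would pin down which characters the controller encodes, since that depends on the htmlentities flags in effect.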