From c36882dfa86cd9661801f450bc0463fab91e8df3 Mon Sep 17 00:00:00 2001
From: "florian.azizian" <florian.azizian@maarch.org>
Date: Wed, 7 Oct 2020 15:33:30 +0200
Subject: [PATCH] FIX #14939 TIME 0:10 control field length in visa and user

---
 src/app/user/controllers/UserController.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/app/user/controllers/UserController.php b/src/app/user/controllers/UserController.php
index 8b8b2cbbe81..6b1c99760fe 100755
--- a/src/app/user/controllers/UserController.php
+++ b/src/app/user/controllers/UserController.php
@@ -165,11 +165,11 @@ class UserController
         $check = Validator::stringType()->length(1, 128)->notEmpty()->validate($data['userId']) && preg_match("/^[\w.@-]*$/", $data['userId']);
         $check = $check && Validator::stringType()->length(1, 255)->notEmpty()->validate($data['firstname']);
         $check = $check && Validator::stringType()->length(1, 255)->notEmpty()->validate($data['lastname']);
-        $check = $check && Validator::stringType()->length(0, 32)->notEmpty()->validate($data['initials']);
+        $check = $check && Validator::stringType()->length(0, 32)->validate($data['initials'] ?? '');
         $check = $check && Validator::stringType()->length(1, 255)->notEmpty()->validate($data['mail']);
         $check = $check && (empty($data['mail']) || filter_var($data['mail'], FILTER_VALIDATE_EMAIL));
         if (PrivilegeController::hasPrivilege(['privilegeId' => 'manage_personal_data', 'userId' => $GLOBALS['id']])) {
-            $check = $check && (empty($data['phone']) || preg_match("/\+?((|\ |\.|\(|\)|\-)?(\d)*)*\d$/", $data['phone'])) && Validator::stringType()->length(0, 32)->validate($data['phone']);
+            $check = $check && (empty($data['phone']) || preg_match("/\+?((|\ |\.|\(|\)|\-)?(\d)*)*\d$/", $data['phone'])) && Validator::stringType()->length(0, 32)->validate($data['phone'] ?? '');
         }
         if (!$check) {
             return $response->withStatus(400)->withJson(['errors' => 'Bad Request']);
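Review bot: On the changed `phone` line the 32-character length check sits after `preg_match` in the `&&` chain, so the regex still runs on input of any length, and the pattern has no `^` anchor, so any value that merely ends in a digit passes. The nested quantifiers in `((|\ |\.|\(|\)|\-)?(\d)*)*` can also backtrack heavily on a long digit run that does not end in a digit, which is likely a cheap way to burn CPU on this endpoint until PCRE's backtrack limit is hit. I would put the length validator first and anchor a flat character class, e.g. `Validator::stringType()->length(0, 32)->validate($data['phone'] ?? '') && (empty($data['phone']) || preg_match('/^\+?[\d .()-]*\d$/', $data['phone']))`. The same line appears in the second hunk (around new line 255) and needs the same change; the enclosing method starts and ends outside both hunks.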
@@ -249,10 +249,10 @@ class UserController
 
         $check = Validator::stringType()->length(1, 255)->notEmpty()->validate($data['firstname']);
         $check = $check && Validator::stringType()->length(1, 255)->notEmpty()->validate($data['lastname']);
-        $check = $check && Validator::stringType()->length(0, 32)->validate($data['initials']);
+        $check = $check && Validator::stringType()->length(0, 32)->validate($data['initials'] ?? '');
         $check = $check && (empty($data['mail']) || filter_var($data['mail'], FILTER_VALIDATE_EMAIL) && Validator::stringType()->length(1, 255)->notEmpty()->validate($data['mail']));
         if (PrivilegeController::hasPrivilege(['privilegeId' => 'manage_personal_data', 'userId' => $GLOBALS['id']])) {
-            $check = $check && (empty($data['phone']) || preg_match("/\+?((|\ |\.|\(|\)|\-)?(\d)*)*\d$/", $data['phone'])) && Validator::stringType()->length(0, 32)->validate($data['phone']);
+            $check = $check && (empty($data['phone']) || preg_match("/\+?((|\ |\.|\(|\)|\-)?(\d)*)*\d$/", $data['phone'])) && Validator::stringType()->length(0, 32)->validate($data['phone'] ?? '');
         }
         if (!$check) {
             return $response->withStatus(400)->withJson(['errors' => 'Bad Request']);
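Review bot: The `?? ''` fallback on `initials` and `phone` exists only inside the `validate()` argument, so a request that omits the key now passes validation while `$data['initials']` itself stays unset for whatever follows. The rest of the method is outside the hunk, so I cannot tell whether later reads guard for that; if they do not, the result is presumably an undefined-index notice or a null written to storage. Normalising once before the checks, `$data['initials'] = $data['initials'] ?? '';`, would keep the validated value and the stored value identical. The first hunk (around new line 168) has the same pattern.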
-- 
GitLab