groove/Part-DB-server
1
0
Fork 0
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-12-06 02:59:29 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Use a proper range constraint on the form

Browse source 
Otherwise it is possible to inject invalid data
This commit is contained in:
Jan Böhmer 2025-09-14 23:04:44 +02:00
parent 41a7238ab7
commit a399b629d1
1 changed files with 5 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/Form/InfoProviderSystem/FieldToProviderMappingType.php
View file

@ -59,7 +59,10 @@ class FieldToProviderMappingType extends AbstractType
'max' => 10, 'max' => 10,
'class' => 'form-control-sm', 'class' => 'form-control-sm',
'style' => 'width: 80px;' 'style' => 'width: 80px;'
] ],
'constraints' => [
new \Symfony\Component\Validator\Constraints\Range(['min' => 1, 'max' => 10]),
],
]); ]);
} }
@ -69,4 +72,4 @@ class FieldToProviderMappingType extends AbstractType
'field_choices' => [], 'field_choices' => [],
]); ]);
} }
} }