Mirrors/Part-DB-server
2
0
Fork 0
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2026-03-14 19:29:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Use a proper range constraint on the form

Browse Source 
Otherwise it is possible to inject invalid data
This commit is contained in:
Jan Böhmer
2025-09-14 23:04:44 +02:00
parent 41a7238ab7
commit a399b629d1
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/Form/InfoProviderSystem/FieldToProviderMappingType.php
View File

@@ -59,7 +59,10 @@ class FieldToProviderMappingType extends AbstractType
'max' => 10,
'class' => 'form-control-sm',
'style' => 'width: 80px;'
]
],
'constraints' => [
new \Symfony\Component\Validator\Constraints\Range(['min' => 1, 'max' => 10]),
],
]);
}
@@ -69,4 +72,4 @@ class FieldToProviderMappingType extends AbstractType
'field_choices' => [],
]);
}
}
}