search

RaythaHQ / raytha

Raytha is a powerful CMS with an easy-to-use interface and fast performance. It offers custom content types, a template engine, and various access controls. It supports multiple storage providers and an automatically generated REST API. Upgrade your development workflow with Raytha.
MIT License
164 stars 31 forks source link

Crash if user enters malformed date in `Content Item` #214

Closed apexdodge closed 1 month ago

apexdodge commented 2 months ago

When using a date field type in content item, a user entered a malformed date (06/08/0022) and this resulted in the following crash error:

Microsoft.Data.SqlClient.SqlException (0x80131904): The conversion of a nvarchar data type to a datetime data type resulted in an out-of-range value.

Fixed the crash for the customer temporarily by just updating the bad date in the database directly.

To fix:

In our JsonQueryEngine we have two places where we convert varchar to datetime:

https://github.com/RaythaHQ/raytha/blob/c5a74ae2e9dbdd71c6956e78352c06b0bd0a0b6d/src/Raytha.Infrastructure/JsonQueryEngine/RaythaDbJsonQueryEngine.cs#L380

https://github.com/RaythaHQ/raytha/blob/c5a74ae2e9dbdd71c6956e78352c06b0bd0a0b6d/src/Raytha.Infrastructure/JsonQueryEngine/RaythaDbJsonQueryEngine.cs#L472

We should consider changing it from CONVERT to TRY_CONVERT as described below:

SELECT TRY_CONVERT(DATETIME, '27/09/2024', 103);  -- Returns NULL on failure

This would return null on bad data which we can handle accordingly instead of just crashing out.