search

ThawTunZan / pe

0 stars 0 forks source link

No warning in user input #4

Open ThawTunZan opened 7 months ago

ThawTunZan commented 7 months ago

image.png

When adding an operational item and having a sell price tag to it, the program does not warn me about it and instead proceeds.

nus-se-bot commented 7 months ago

Team's Response

Duplicate of #778.

This is concerning the input sanitization process of our application, which has already been elaborated upon in a duplicate bug report. We'll preface this response by saying that this behaviour is expected.

In summary, the command that you've provided is valid (as it contains the required parameters for the creation of an operational item). Thus, your command passes our input validation checks, and it is now sanitized and parsed accordingly (to add your item).

In this case, the -s flag and arguments are recognized as unnecessary, and hence, have been removed. Aside from that, the rest of the command is totally valid, and thus, is accepted and parsed by the program as a valid input.

It's therefore shown that the input sanitization works as intended, to remove unnecessary flags/input in the provided command.

To summarize, the command you've provided is valid, it's just that the command contained some extra, unnecessary flags, which we've handled as a part of our input sanitization process. Our program does not warn you if your input is valid. It only warns you if you have tried to pass in an invalid command.

The 'Original' Bug

[The team marked this bug as a duplicate of the following bug]

Poor sanititisation

image.png

[original: nus-cs2113-AY2324S2/pe-interim#906] [original labels: type.FunctionalityBug severity.High]

Their Response to the 'Original' Bug

[This is the team's response to the above 'original' bug]

From the only screenshot provided, it's shown that your inputs were sanitized and parsed correctly.

Your first two inputs were correctly invalidated as they do not fit our command format.

image.png

For your last input: search -q 0.. -e 17-09-2022..23-11-2024 ..23-11-2025, we see that your input was accepted. Why is this so? Well, this is because search -q 0.. -e 17-09-2022..23-11-2024 is a completely valid command. The only caveat is that you added some extra junk characters to the end of your command (..23-11-2025).

Ultimately, as you've provided a valid search command, our application is right to accept your input. Now that your command has passed the input validation check, it will be sanitized and parsed accordingly.

Evidently, the last part of your input (..23-11-2025) was correctly ignored by the application (given the fact that it is junk input and redundant), and the command was only executed on the valid parameters provided. Do note, that as a part of our input sanitization process, we delete unwanted characters from valid inputs, to handle typos from users. In this case, the trailing junk characters which you've included have been deleted and ignored by the application.

Therefore, your input has been validated and sanitized appropriately.

We'll reduce the severity of this bug to Low as this bug evidently has no severe impact on the functionality of the application. The initially assigned High severity is completely unjustified and unwarranted.

Items for the Tester to Verify

:question: Issue duplicate status

Team chose to mark this issue as a duplicate of another issue (as explained in the Team's response above)

Reason for disagreement: [replace this with your explanation]

## :question: Issue response Team chose [`response.Rejected`] - [ ] I disagree **Reason for disagreement:** [replace this with your explanation]