Bug: [Validation] `valid_date` passes a wrong date

codeigniter4 / CodeIgniter4

Open Source PHP Framework (originally from EllisLab)

https://codeigniter.com/

MIT License

5.4k stars 1.9k forks source link

Bug: [Validation] `valid_date` passes a wrong date #7561

Closed shishamo closed 1 year ago

shishamo commented 1 year ago

PHP Version

8.1

CodeIgniter4 Version

4.3.4

CodeIgniter4 Installation Method

Manual (zip or tar.gz)

Which operating systems have you tested for this bug?

macOS

Which server did you use?

apache

Database

PostgreSQL 15.2

What happened?

the validation rules valid_date don't handle a wrong date format

Steps to Reproduce

$data = [
    'testField' => '2023-08-31T15:00:00+0900dummy',
];

$validation = Services::validation();
$validation = $validation->setRules([
    'testField' => 'valid_date',
]);

$result = $validation->run($data);

Expected Output

should return a validation failing

Anything else?

No response

kenjis commented 1 year ago

It seems '2023-08-31T15:00:00+0900dummy' is valid for strtotime(). See https://3v4l.org/77f1q

I recommend you specify a date format. See https://codeigniter4.github.io/CodeIgniter4/libraries/validation.html?highlight=valid_date#rules-for-general-use

shishamo commented 1 year ago

@kenjis oh i see thank you

kenjis commented 1 year ago

I sent a PR to update the user guide: https://github.com/codeigniter4/CodeIgniter4/pull/7558/files#diff-75e5e834c9c260f8111e1ebc2fcab1b523eb040c6ee1ac31f9a65f4895a9a0f0R849-R854

kenjis commented 1 year ago

valid_date

Fails if field does not contain a valid date. Any string that strtotime() accepts is valid if you don’t specify an optional parameter to matches a date format. So it is usually necessary to specify the parameter.

https://codeigniter4.github.io/CodeIgniter4/libraries/validation.html#rules-for-general-use