[OWASP_PHPSEC] Hi

Paulo Guerreiro paulocmguerreiro at gmail.com
Sun Oct 6 20:35:29 UTC 2013


Hi all,
I'm Paulo from Portugal and have just joined this project with hope to
contribute to the phpsec.

I have been browsing the code to understand it's structure and found a set
of function, that i think it deserves it's own class.
I'm talking about:
    phpsec\BasicPasswordManagement::isDate
    phpsec\BasicPasswordManagement::containsDate

Since the framework already has this functions built-in, why not exposed it
to the end developers (checking for dates, convert between formats, date
intervals and so on, it's a everyday task when dealing with dates).

What do you guys think? this way we could provide a richer (better
controlled by the framework) api to the end developer?

Now onto something usefull: Specially this two function could accept an
optional second parameter, something like an ENUN representing several date
formats. This would allow the developer checks if a date is valid and has a
preferred format.

The syntax could be something like:
    isDate($string) : test all of the implemented formats (as it is)
    isDate($string, \phpsec\Date::DDMMYYYY) : test only this format


Lasty, this function triggers a false positive, it accepts dates out of
range such as 2013-02-31


Sorry for my long first post ... and hope you can understand my english :)

Thanks
Paulo Guerreiro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_php_security_project/attachments/20131006/8f2fc92a/attachment.html>


More information about the OWASP_PHP_Security_Project mailing list