[OWASP_PHPSEC] Hi

rahul chaudhary rahul300chaudhary400 at gmail.com
Thu Oct 10 02:04:22 UTC 2013


Hello Paulo,

First of all, sorry for this late reply....

Now, what you said about date is correct, but a correct date format was not
the goal of this project at that time since we were bounded by time. So,
this date issue is for next release. In ver 2, we will try to solve this
date problem..


What you said about 2013-02-31 is also true and I never thought of
this....since you pointed it out, I will make an issue about this in github
and then we will try to solve it. In the mean time, if you have a solution,
then please correct the code and push it to the github. Thanks buddy for
showing your interest in this project.


On Sun, Oct 6, 2013 at 4:35 PM, Paulo Guerreiro
<paulocmguerreiro at gmail.com>wrote:

> Hi all,
> I'm Paulo from Portugal and have just joined this project with hope to
> contribute to the phpsec.
>
> I have been browsing the code to understand it's structure and found a set
> of function, that i think it deserves it's own class.
> I'm talking about:
>     phpsec\BasicPasswordManagement::isDate
>     phpsec\BasicPasswordManagement::containsDate
>
> Since the framework already has this functions built-in, why not exposed
> it to the end developers (checking for dates, convert between formats, date
> intervals and so on, it's a everyday task when dealing with dates).
>
> What do you guys think? this way we could provide a richer (better
> controlled by the framework) api to the end developer?
>
> Now onto something usefull: Specially this two function could accept an
> optional second parameter, something like an ENUN representing several
> date formats. This would allow the developer checks if a date is valid and
> has a preferred format.
>
> The syntax could be something like:
>     isDate($string) : test all of the implemented formats (as it is)
>     isDate($string, \phpsec\Date::DDMMYYYY) : test only this format
>
>
> Lasty, this function triggers a false positive, it accepts dates out of
> range such as 2013-02-31
>
>
> Sorry for my long first post ... and hope you can understand my english :)
>
> Thanks
> Paulo Guerreiro
>
>
> _______________________________________________
> OWASP_PHP_Security_Project mailing list
> OWASP_PHP_Security_Project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp_php_security_project
>
>


-- 
Regards,
Rahul Chaudhary
Ph - 412-519-9634
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_php_security_project/attachments/20131009/017ad00d/attachment.html>


More information about the OWASP_PHP_Security_Project mailing list