mirror of
				https://github.com/DSpace/DSpace.git
				synced 2025-10-25 02:43:06 +00:00 
			
		
		
		
	(Robert Tansley)
- Fixes to QueryArgs and RegisterServlet that cause NullPointerExceptions on invalid input git-svn-id: http://scm.dspace.org/svn/repo/trunk@1762 9c30dcfa-912a-0410-8fc2-9e0234be79fd
This commit is contained in:
		| @@ -1,5 +1,9 @@ | |||||||
| 1.4.2 beta | 1.4.2 beta | ||||||
| =========== | =========== | ||||||
|  | (Robert Tansley) | ||||||
|  | - Fixes to QueryArgs and RegisterServlet that cause NullPointerExceptions on | ||||||
|  |   invalid input | ||||||
|  |  | ||||||
| (Andrea Bollini) | (Andrea Bollini) | ||||||
| - SF Patch #1528142 Malformed OAI-PMH response: illegal bytes in UTF-8 for SF Bug #1490162 | - SF Patch #1528142 Malformed OAI-PMH response: illegal bytes in UTF-8 for SF Bug #1490162 | ||||||
|  |  | ||||||
|   | |||||||
| @@ -243,7 +243,17 @@ public class RegisterServlet extends DSpaceServlet | |||||||
|             HttpServletResponse response) throws ServletException, IOException, |             HttpServletResponse response) throws ServletException, IOException, | ||||||
|             SQLException, AuthorizeException |             SQLException, AuthorizeException | ||||||
|     { |     { | ||||||
|         String email = request.getParameter("email").toLowerCase().trim(); |         String email = request.getParameter("email"); | ||||||
|  |         if (email == null || email.length() > 64) | ||||||
|  |         { | ||||||
|  |         	// Malformed request or entered value is too long. | ||||||
|  |         	email = ""; | ||||||
|  |         } | ||||||
|  |         else | ||||||
|  |         { | ||||||
|  |         	email = email.toLowerCase().trim(); | ||||||
|  |         } | ||||||
|  |          | ||||||
|         String netid = request.getParameter("netid"); |         String netid = request.getParameter("netid"); | ||||||
|         String password = request.getParameter("password"); |         String password = request.getParameter("password"); | ||||||
|         EPerson eperson = EPerson.findByEmail(context, email); |         EPerson eperson = EPerson.findByEmail(context, email); | ||||||
|   | |||||||
| @@ -152,15 +152,25 @@ public class QueryArgs | |||||||
|          |          | ||||||
|         for (int i = 1; i <= numField; i++) |         for (int i = 1; i <= numField; i++) | ||||||
|         { |         { | ||||||
|         	String tmp_query = request.getParameter("query"+i).trim(); |         	String tmp_query = request.getParameter("query"+i); | ||||||
|         	String tmp_field = request.getParameter("field"+i).trim(); |         	String tmp_field = request.getParameter("field"+i); | ||||||
|  |         	// TODO: Ensure a valid field from config | ||||||
|  |             // Disarm fields with regexp control characters | ||||||
|  |             if (tmp_field != null) | ||||||
|  |             { | ||||||
|  |                 tmp_field = tmp_field.replace('/', ' '); | ||||||
|  |                 tmp_field = tmp_field.replace('<', ' '); | ||||||
|  |                 tmp_field = tmp_field.replace('\\', ' '); | ||||||
|  |                 tmp_field = tmp_field.replace(':', ' '); | ||||||
|  |             } | ||||||
|  |  | ||||||
|             if (tmp_query != null && !tmp_query.equals("")) |             if (tmp_query != null && !tmp_query.equals("")) | ||||||
|         	{ |         	{ | ||||||
|         		query.add(tmp_query); |         		query.add(tmp_query.trim()); | ||||||
|         		if (tmp_field == null)        		        			 |         		if (tmp_field == null)        		        			 | ||||||
|         			field.add("ANY"); |         			field.add("ANY"); | ||||||
|         		else  			 |         		else  			 | ||||||
|         			field.add(tmp_field); |         			field.add(tmp_field.trim()); | ||||||
|         		if (i != numField) |         		if (i != numField) | ||||||
|             	{ |             	{ | ||||||
|             		conjunction.add(request.getParameter("conjunction"+i) != null? |             		conjunction.add(request.getParameter("conjunction"+i) != null? | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user
	 Robert Tansley
					Robert Tansley