Fixed \XF\Searcher\AbstractSearcher: "end" parameter for "date" type not converted properly

DragonByte Tech

DragonByte Tech

Well-known member
Affected version
2.0.10 & 2.1.0 Beta 2
In \XF\Searcher\AbstractSearcher you'll see this:

Code: 
        if ($format == 'date')
        {
            if (is_array($value))
            {
                if (isset($value['start']))
                {
                    $value['start'] = $this->convertDateToInteger($value['start']);
                }
                if (isset($value['end']))
                {
                    $value['end'] = $this->convertDateToInteger($value['end']);
                }
            }
            else
            {
                $value = $this->convertDateToInteger($value);
            }
        }
The convertDateToInteger function actually does support an "end" parameter: protected function convertDateToInteger($date, $dayEnd = false) yet it's not used.

The fix should be to change the relevant line to $value['end'] = $this->convertDateToInteger($value['end'], true);

Please consider fixing this in XF 2.0 as well as 2.1 (if you're doing another bugfix XF2.0 release, IIRC there was meant to be a 2.0.11 bugfix release before the security issue?).

Thanks!


Fillip
 
Thank you for reporting this issue. The issue is now resolved and we are aiming to include that in a future XF release (2.0.12).

Change log:
In the AbstractSearcher ensure that the day end value is converted properly to the end of the day.
Click to expand...
Any changes made as a result of this issue being resolved may not be rolled out here until later.
 

Similar threads

K
phpBB: Custom user field values for type date are not converted
Replies
0
Views
2K
Kirby
K
Back
Top Bottom