Filter event description HTML
daveearley committed Jul 11, 2024
1 parent 23e7e86 commit 10b1bdb
Showing 3 changed files with 9 additions and 3 deletions.
4 changes: 3 additions & 1 deletion backend/app/Services/Domain/Event/CreateEventService.php
Expand Up @@ -13,6 +13,7 @@
use HiEvents\Repository\Interfaces\EventSettingsRepositoryInterface;
use HiEvents\Repository\Interfaces\EventStatisticRepositoryInterface;
use HiEvents\Repository\Interfaces\OrganizerRepositoryInterface;
use HTMLPurifier;
use Illuminate\Database\DatabaseManager;
use Throwable;

Expand All @@ -24,6 +25,7 @@ public function __construct(
private readonly OrganizerRepositoryInterface $organizerRepository,
private readonly DatabaseManager $databaseManager,
private readonly EventStatisticRepositoryInterface $eventStatisticsRepository,
private readonly HTMLPurifier $purifier,
)
{
}
Expand Down Expand Up @@ -86,7 +88,7 @@ private function handleEventCreate(EventDomainObject $eventData): EventDomainObj
'end_date' => $eventData->getEndDate()
? DateHelper::convertToUTC($eventData->getEndDate(), $eventData->getTimezone())
: null,
'description' => $eventData->getDescription(),
'description' => $this->purifier->purify($eventData->getDescription()),
'timezone' => $eventData->getTimezone(),
'currency' => $eventData->getCurrency(),
'location_details' => $eventData->getLocationDetails(),
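Review bot: The new `'description' => $this->purifier->purify($eventData->getDescription())` line hands the getter's value straight to `purify()`, which works on strings. The getter's return type is not visible here, but if the description is optional and can be null, PHP 8.1+ will likely emit deprecation notices inside the purifier, and the stored value would change from null to an empty string. The same pattern is added in UpdateEventHandler with `$eventData->description`. I would guard it: `$description = $eventData->getDescription();` followed by `'description' => $description === null ? null : $this->purifier->purify($description),`. `handleEventCreate` starts and ends outside this hunk, so an earlier null check may already exist.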
4 changes: 3 additions & 1 deletion backend/app/Services/Domain/Event/DuplicateEventService.php
Expand Up @@ -15,6 +15,7 @@
use HiEvents\Services\Domain\PromoCode\CreatePromoCodeService;
use HiEvents\Services\Domain\Question\CreateQuestionService;
use HiEvents\Services\Domain\Ticket\CreateTicketService;
use HTMLPurifier;
use Illuminate\Database\DatabaseManager;
use Throwable;

Expand All @@ -27,6 +28,7 @@ public function __construct(
private readonly CreateQuestionService $createQuestionService,
private readonly CreatePromoCodeService $createPromoCodeService,
private readonly DatabaseManager $databaseManager,
private readonly HTMLPurifier $purifier,
)
{
}
Expand Down Expand Up @@ -55,7 +57,7 @@ public function duplicateEvent(
->setTitle($title)
->setStartDate($startDate)
->setEndDate($endDate)
->setDescription($description)
->setDescription($this->purifier->purify($description))
->setStatus(EventStatus::DRAFT->name);

$newEvent = $this->cloneExistingEvent(
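Review bot: The constructor now takes `private readonly HTMLPurifier $purifier`, but none of the three changed files registers a container binding, so unless one exists elsewhere the framework will presumably build the purifier with its default configuration. That leaves the allowed-markup policy implicit and puts the definition cache inside the library's own directory, which is often read-only in a deployed image. I would register the purifier once in a service provider with an explicit config, for example `$config->set('HTML.Allowed', $allowedTags);` and `$config->set('Cache.SerializerPath', $writableCacheDir);`, where both variables are placeholders for project values. The same injection is added to CreateEventService and UpdateEventHandler. `duplicateEvent` continues past the end of this section.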
4 changes: 3 additions & 1 deletion backend/app/Services/Handlers/Event/UpdateEventHandler.php
Expand Up @@ -11,6 +11,7 @@
use HiEvents\Repository\Interfaces\EventRepositoryInterface;
use HiEvents\Repository\Interfaces\OrderRepositoryInterface;
use HiEvents\Services\Handlers\Event\DTO\UpdateEventDTO;
use HTMLPurifier;
use Illuminate\Database\DatabaseManager;
use Symfony\Component\Routing\Exception\ResourceNotFoundException;
use Throwable;
Expand All @@ -22,6 +23,7 @@ public function __construct(
private Dispatcher $dispatcher,
private DatabaseManager $databaseManager,
private OrderRepositoryInterface $orderRepository,
private HTMLPurifier $purifier,
)
{
}
Expand Down Expand Up @@ -72,7 +74,7 @@ private function updateEventAttributes(UpdateEventDTO $eventData): void
'end_date' => $eventData->end_date
? DateHelper::convertToUTC($eventData->end_date, $eventData->timezone)
: null,
'description' => $eventData->description,
'description' => $this->purifier->purify($eventData->description),
'timezone' => $eventData->timezone ?? $existingEvent->getTimezone(),
'currency' => $eventData->currency ?? $existingEvent->getCurrency(),
'location' => $eventData->location,
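Review bot: Purifying at write time in `updateEventAttributes` (and in the create and duplicate services) only covers descriptions saved after this commit. Rows already stored keep whatever markup they had, and any other code path that writes `description` bypasses the filter. If the description is rendered as raw HTML anywhere, consider a one-off migration that re-purifies existing rows, or purify at the point of output as well. No test file is among the three changed files; a regression test that saves a description containing a script element and asserts it is absent from the stored value would keep the three call sites from drifting. `updateEventAttributes` begins and ends outside this hunk.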