[
https://issues.apache.org/struts/browse/STR-3136?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=43470#action_43470
]
Ralf Hauser commented on STR-3136:
----------------------------------
when the form fields get filled from the request parameters, apparently, a
Integer.valueOf(stingFromBrowser)
is done.
if the stingFromBrowser = "12", struts will fill in the integer 12
if the stingFromBrowser = "12 ", the form's field value remains on -1 or
whatever the default value for the integer field was.
-------------
one might go even further and not only strip whitespaces, but also
non-numerics, as in
Integer.valueOf(intString.trim().toLowerCase().replaceAll("[^0-9]", ""))
So, if somebody inadvertently enters "10'000 " into an integer input filed of a
struts form, this still would not result in -1, but the correct number...
> when an actionform creates an integer field, do a trim() or at least utter an
> error message
> -------------------------------------------------------------------------------------------
>
> Key: STR-3136
> URL: https://issues.apache.org/struts/browse/STR-3136
> Project: Struts 1
> Issue Type: Improvement
> Affects Versions: 1.3.9
> Reporter: Ralf Hauser
>
> currently, when I enter in an integer form field e.g. "12 ", the form arrives
> in my struts Action with the default value (0 or -1)
> if there were a trim() during the conversion, lots of user input errors could
> be avoided without risking to err ...
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
