diff --git a/src/Socialbox/Classes/StandardMethods/AddressBook/AddressBookUpdateRelationship.php b/src/Socialbox/Classes/StandardMethods/AddressBook/AddressBookUpdateRelationship.php
index b170085..45dce14 100644
--- a/src/Socialbox/Classes/StandardMethods/AddressBook/AddressBookUpdateRelationship.php
+++ b/src/Socialbox/Classes/StandardMethods/AddressBook/AddressBookUpdateRelationship.php
@@ -30,7 +30,7 @@
 try
 {
- $address = PeerAddress::fromAddress($rpcRequest->getParameter('peer'));
+ $receivingPeerAddress = PeerAddress::fromAddress($rpcRequest->getParameter('peer'));
 }
 catch(InvalidArgumentException $e)
 {
@@ -41,8 +41,8 @@
 {
 throw new MissingRpcArgumentException('relationship');
 }
- $relationship = ContactRelationshipType::tryFrom(strtoupper($rpcRequest->getParameter('relationship')));
- if($relationship === null)
+ $newRelationship = ContactRelationshipType::tryFrom(strtoupper($rpcRequest->getParameter('relationship')));
+ if($newRelationship === null)
 {
 throw new InvalidRpcArgumentException('relationship');
 }
@@ -50,14 +50,14 @@
 try
 {
 // Check if the contact already exists
- $peer = $request->getPeer();
- if(!ContactManager::isContact($peer, $address))
+ $requestingPeer = $request->getPeer();
+ if(!ContactManager::isContact($requestingPeer->getUuid(), $receivingPeerAddress))
 {
 return $rpcRequest->produceError(StandardError::FORBIDDEN, 'Contact does not exist');
 }
 // Create the contact
- ContactManager::updateContactRelationship($peer, $address, $relationship);
+ ContactManager::updateContactRelationship($requestingPeer->getUuid(), $receivingPeerAddress, $newRelationship);
 }
 catch (DatabaseOperationException $e)
 {
diff --git a/src/Socialbox/Managers/ContactManager.php b/src/Socialbox/Managers/ContactManager.php
index 29941f9..e220249 100644
--- a/src/Socialbox/Managers/ContactManager.php
+++ b/src/Socialbox/Managers/ContactManager.php
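Review bot: In AddressBookUpdateRelationship.php, hunk `@@ -50,14 +50,14 @@`, the only handler visible after the `try` that wraps `ContactManager::isContact()` and `ContactManager::updateContactRelationship()` is `catch (DatabaseOperationException $e)`, while this same commit adds `throw new InvalidArgumentException(...)` guards to ContactManager methods. If either call is one of those methods, a rejected UUID or address would escape as an unhandled exception instead of a `StandardError` response; the catch list continues outside the hunk, so this has to be checked against the full method. `$requestingPeer->getUuid()` is also dereferenced without a visible null check, which is only safe if `$request->getPeer()` is guaranteed to return a peer for an authenticated session. The context comment `// Create the contact` sits above an update call and would read better as `// Update the relationship of the existing contact`.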
@@ -2,10 +2,13 @@
 namespace Socialbox\Managers;
+ use DateTime;
+ use InvalidArgumentException;
 use ncc\ThirdParty\Symfony\Uid\UuidV4;
 use PDO;
 use PDOException;
 use Socialbox\Classes\Database;
+ use Socialbox\Classes\Validator;
 use Socialbox\Enums\Types\ContactRelationshipType;
 use Socialbox\Exceptions\DatabaseOperationException;
 use Socialbox\Objects\Database\ContactDatabaseRecord;
@@ -30,6 +33,15 @@
 {
 $contactAddress = $contactAddress->getAddress();
 }
+ elseif(!Validator::validateUuid($contactAddress))
+ {
+ throw new InvalidArgumentException('The given contact address is invalid');
+ }
+
+ if(!Validator::validateUuid($peerUuid))
+ {
+ throw new InvalidArgumentException('The given peer internal UUID is not a valid UUID V4');
+ }
 try
 {
@@ -188,6 +200,15 @@
 {
 $contactAddress = $contactAddress->getAddress();
 }
+ elseif(!Validator::validatePeerAddress($contactAddress))
+ {
+ throw new InvalidArgumentException('The given contact address is not a valid peer address');
+ }
+
+ if(!Validator::validateUuid($peerUuid))
+ {
+ throw new InvalidArgumentException('The given internal peer UUID is not a valid UUID V4');
+ }
 try
 {
@@ -360,7 +381,7 @@
 $statement->bindParam(':expires', $expires);
 $created = $signingKey->getCreated();
 $statement->bindParam(':created', $created);
- $trustedOn = (new \DateTime())->format('Y-m-d H:i:s');
+ $trustedOn = (new DateTime())->format('Y-m-d H:i:s');
 $statement->bindParam(':trusted_on', $trustedOn);
 }
 catch(PDOException $e)
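Review bot: In ContactManager.php, hunk `@@ -30,6 +33,15 @@`, a string `$contactAddress` is checked with `Validator::validateUuid()`, whereas the parallel guard in hunk `@@ -188,6 +200,15 @@` uses `Validator::validatePeerAddress()`. The branch just above calls `$contactAddress->getAddress()`, so the string form is presumably a peer address as well, in which case every well-formed string address would be rejected here. If the address form is intended the line should read `elseif(!Validator::validatePeerAddress($contactAddress))`; if a UUID really is expected, the message 'The given contact address is invalid' should say so. The enclosing method starts and ends outside the hunk, so its signature could not be checked.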
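Review bot: The guard block added in ContactManager.php hunk `@@ -188,6 +200,15 @@` is a near-verbatim copy of the one in `@@ -30,6 +33,15 @@`, and the two already differ in wording ('peer internal UUID' against 'internal peer UUID'). A single private static helper that validates `$peerUuid` and the contact address would keep the checks and messages aligned as more methods adopt them. Both throws sit before the `try`, so `InvalidArgumentException` leaves the method unwrapped; the method docblock, which lies outside the hunk, should gain `@throws InvalidArgumentException` so RPC handlers know to catch it.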