Files
piratepoet/mailpoet/lib/Segments/DynamicSegments/SegmentSaveController.php
Rodrigo Primo 119dcbd5b5 Sanitize name and description when creating a segment
This commits adds the sanitization right before the data is added to the
database (\MailPoet\Segments\SegmentsRepository::createOrUpdate()) and
removes the sanitization from
\MailPoet\Segments\DynamicSegments\SegmentSaveController::save() to
avoid sanitizing twice. save() calls createOrUpdate().

Before this commit, we were sanitizing the name and description of
dynamic segments but not regular segments.

[MAILPOET-5232]
2023-04-17 14:33:51 -03:00

41 lines
1.2 KiB
PHP

<?php // phpcs:ignore SlevomatCodingStandard.TypeHints.DeclareStrictTypes.DeclareStrictTypesMissing
namespace MailPoet\Segments\DynamicSegments;
use MailPoet\ConflictException;
use MailPoet\Entities\SegmentEntity;
use MailPoet\NotFoundException;
use MailPoet\Segments\SegmentsRepository;
use MailPoetVendor\Doctrine\ORM\ORMException;
class SegmentSaveController {
/** @var SegmentsRepository */
private $segmentsRepository;
/** @var FilterDataMapper */
private $filterDataMapper;
public function __construct(
SegmentsRepository $segmentsRepository,
FilterDataMapper $filterDataMapper
) {
$this->segmentsRepository = $segmentsRepository;
$this->filterDataMapper = $filterDataMapper;
}
/**
* @throws ConflictException
* @throws NotFoundException
* @throws Exceptions\InvalidFilterException
* @throws ORMException
*/
public function save(array $data = []): SegmentEntity {
$id = isset($data['id']) ? (int)$data['id'] : null;
$name = $data['name'] ?? '';
$description = $data['description'] ?? '';
$filtersData = $this->filterDataMapper->map($data);
return $this->segmentsRepository->createOrUpdate($name, $description, SegmentEntity::TYPE_DYNAMIC, $filtersData, $id);
}
}