From 753227ae255cbd71015b042a41dc3cbbfb8f1904 Mon Sep 17 00:00:00 2001 From: Sarah Hoffmann Date: Tue, 17 Mar 2015 21:05:54 +0100 Subject: [PATCH] more strict parameter checking for reverse --- tests/features/api/reverse_simple.feature | 45 +++++++++++++++++++++++ tests/steps/api_setup.py | 4 ++ website/reverse.php | 8 ++-- 3 files changed, 54 insertions(+), 3 deletions(-) diff --git a/tests/features/api/reverse_simple.feature b/tests/features/api/reverse_simple.feature index 832b2011..7d564dde 100644 --- a/tests/features/api/reverse_simple.feature +++ b/tests/features/api/reverse_simple.feature @@ -50,3 +50,48 @@ Feature: Simple Reverse Tests Then the result is valid json When looking up jsonv2 coordinates 36.791966,127.171726 Then the result is valid json + + Scenario: Missing lon parameter + Given the request parameters + | lat + | 51.51 + When sending an API call reverse + Then exactly 0 results are returned + + Scenario: Missing lat parameter + Given the request parameters + | lon + | -79.39114 + When sending an API call reverse + Then exactly 0 results are returned + + Scenario: Missing osm_id parameter + Given the request parameters + | osm_type + | N + When sending an API call reverse + Then exactly 0 results are returned + + Scenario: Missing osm_type parameter + Given the request parameters + | osm_id + | 3498564 + When sending an API call reverse + Then exactly 0 results are returned + + Scenario Outline: Bad format for lat or lon + Given the request parameters + | lat | lon | + | | | + When sending an API call reverse + Then exactly 0 results are returned + + Examples: + | lat | lon + | 48.9660 | 8,4482 + | 48,9660 | 8.4482 + | 48,9660 | 8,4482 + | 48.966.0 | 8.4482 + | 48.966 | 8.448.2 + | Nan | 8.448 + | 48.966 | Nan diff --git a/tests/steps/api_setup.py b/tests/steps/api_setup.py index ab080096..35443cdb 100644 --- a/tests/steps/api_setup.py +++ b/tests/steps/api_setup.py @@ -122,3 +122,7 @@ def api_setup_details(step, obj): else: world.params['place_id'] = obj api_call('details') + +@step(u'sending an API call (\w+)') +def api_general_call(step, call): + api_call(call) diff --git a/website/reverse.php b/website/reverse.php index ee6a6100..93cb5877 100755 --- a/website/reverse.php +++ b/website/reverse.php @@ -45,10 +45,8 @@ $oPlaceLookup->setOSMID($_GET['osm_type'], $_GET['osm_id']); $aPlace = $oPlaceLookup->lookup(); - - //if (!$iPlaceID) $sError = 'OSM ID Not Found'; } - else + else if (isset($_GET['lat']) && isset($_GET['lon']) && preg_match('/^[+-]?[0-9]*\.?[0-9]+$/', $_GET['lat']) && preg_match('/^[+-]?[0-9]*\.?[0-9]+$/', $_GET['lon'])) { $oReverseGeocode = new ReverseGeocode($oDB); $oReverseGeocode->setLanguagePreference($aLangPrefOrder); @@ -59,6 +57,10 @@ $aPlace = $oReverseGeocode->lookup(); } + else + { + $aPlace = null; + } if (CONST_Debug) exit; -- 2.39.5